diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/builds.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/builds.yaml
index 894e2e9ef..0e737c2d8 100644
--- a/crd-catalog/apache/camel-k/camel.apache.org/v1/builds.yaml
+++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/builds.yaml
@@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.6.1"
- labels:
- app: "camel-k"
+ controller-gen.kubebuilder.io/version: "v0.15.0"
name: "builds.camel.apache.org"
spec:
group: "camel.apache.org"
@@ -47,18 +45,18 @@ spec:
description: "Build is the Schema for the builds API."
properties:
apiVersion:
- description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
+ description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
type: "string"
kind:
- description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
metadata:
type: "object"
spec:
- description: "BuildSpec defines the list of tasks to be execute for a Build. From Camel K version 2, it would be more appropriate to think it as pipeline."
+ description: "BuildSpec defines the list of tasks to be execute for a Build. From Camel K version 2, it would be more appropriate\nto think it as pipeline."
properties:
configuration:
- description: "The configuration that should be used to perform the Build. Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility"
+ description: "The configuration that should be used to perform the Build.\nDeprecated: no longer in use in Camel K 2 - maintained for backward compatibility"
properties:
annotations:
additionalProperties:
@@ -108,11 +106,11 @@ spec:
type: "string"
type: "object"
maxRunningBuilds:
- description: "the maximum amount of parallel running builds started by this operator instance Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility"
+ description: "the maximum amount of parallel running builds started by this operator instance\nDeprecated: no longer in use in Camel K 2 - maintained for backward compatibility"
format: "int32"
type: "integer"
operatorNamespace:
- description: "The namespace where to run the builder Pod (must be the same of the operator in charge of this Build reconciliation). Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility"
+ description: "The namespace where to run the builder Pod (must be the same of the operator in charge of this Build reconciliation).\nDeprecated: no longer in use in Camel K 2 - maintained for backward compatibility"
type: "string"
tasks:
description: "The sequence of tasks (pipeline) to be performed."
@@ -120,7 +118,7 @@ spec:
description: "Task represents the abstract task. Only one of the task should be configured to represent the specific task chosen."
properties:
buildah:
- description: "a BuildahTask, for Buildah strategy Deprecated: use jib, s2i or a custom publishing strategy instead"
+ description: "a BuildahTask, for Buildah strategy\nDeprecated: use jib, s2i or a custom publishing strategy instead"
properties:
baseImage:
description: "base image layer"
@@ -281,7 +279,7 @@ spec:
description: "the configuration required by Maven for the application build phase"
properties:
caSecrets:
- description: "The Secrets name and key, containing the CA certificate(s) used to connect to remote Maven repositories. It can contain X.509 certificates, and PKCS#7 formatted certificate chains. A JKS formatted keystore is automatically created to store the CA certificate(s), and configured to be used as a trusted certificate(s) by the Maven commands. Note that the root CA certificates are also imported into the created keystore."
+ description: "The Secrets name and key, containing the CA certificate(s) used to connect\nto remote Maven repositories.\nIt can contain X.509 certificates, and PKCS#7 formatted certificate chains.\nA JKS formatted keystore is automatically created to store the CA certificate(s),\nand configured to be used as a trusted certificate(s) by the Maven commands.\nNote that the root CA certificates are also imported into the created keystore."
items:
description: "SecretKeySelector selects a key of a Secret."
properties:
@@ -289,7 +287,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -297,14 +295,15 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "array"
cliOptions:
- description: "The CLI options that are appended to the list of arguments for Maven commands, e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html."
+ description: "The CLI options that are appended to the list of arguments for Maven commands,\ne.g., `-V,--no-transfer-progress,-Dstyle.color=never`.\nSee https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html."
items:
type: "string"
type: "array"
extension:
- description: "The Maven build extensions. See https://maven.apache.org/guides/mini/guide-using-extensions.html."
+ description: "The Maven build extensions.\nSee https://maven.apache.org/guides/mini/guide-using-extensions.html."
items:
description: "MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) Maven artifact."
properties:
@@ -332,7 +331,7 @@ spec:
description: "The path of the local Maven repository."
type: "string"
profiles:
- description: "A reference to the ConfigMap or Secret key that contains the Maven profile."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe Maven profile."
items:
description: "ValueSource --."
properties:
@@ -343,7 +342,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -351,6 +350,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -358,7 +358,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -366,6 +366,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
properties:
@@ -388,13 +389,13 @@ spec:
description: "can use stable releases"
properties:
checksumPolicy:
- description: "When Maven deploys files to the repository, it also deploys corresponding checksum files. Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums."
+ description: "When Maven deploys files to the repository, it also deploys corresponding checksum files.\nYour options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums."
type: "string"
enabled:
description: "is the policy activated or not"
type: "boolean"
updatePolicy:
- description: "This element specifies how often updates should attempt to occur. Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`"
+ description: "This element specifies how often updates should attempt to occur.\nMaven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.\nThe choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`"
type: "string"
required:
- "enabled"
@@ -403,13 +404,13 @@ spec:
description: "can use snapshot"
properties:
checksumPolicy:
- description: "When Maven deploys files to the repository, it also deploys corresponding checksum files. Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums."
+ description: "When Maven deploys files to the repository, it also deploys corresponding checksum files.\nYour options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums."
type: "string"
enabled:
description: "is the policy activated or not"
type: "boolean"
updatePolicy:
- description: "This element specifies how often updates should attempt to occur. Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`"
+ description: "This element specifies how often updates should attempt to occur.\nMaven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.\nThe choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`"
type: "string"
required:
- "enabled"
@@ -441,7 +442,7 @@ spec:
type: "object"
type: "array"
settings:
- description: "A reference to the ConfigMap or Secret key that contains the Maven settings."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe Maven settings."
properties:
configMapKeyRef:
description: "Selects a key of a ConfigMap."
@@ -450,7 +451,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -458,6 +459,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -465,7 +467,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -473,9 +475,10 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
settingsSecurity:
- description: "A reference to the ConfigMap or Secret key that contains the security of the Maven settings."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe security of the Maven settings."
properties:
configMapKeyRef:
description: "Selects a key of a ConfigMap."
@@ -484,7 +487,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -492,6 +495,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -499,7 +503,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -507,6 +511,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "object"
name:
@@ -520,7 +525,7 @@ spec:
type: "string"
capabilities:
additionalProperties:
- description: "Capability is a particular feature which requires a well known set of dependencies and other properties which are specified in the runtime catalog."
+ description: "Capability is a particular feature which requires a well known set of dependencies and other properties\nwhich are specified in the runtime catalog."
properties:
buildTimeProperties:
description: "Set of required Camel build time properties"
@@ -647,7 +652,7 @@ spec:
description: "True if the spec is generated from a Kamelet"
type: "boolean"
interceptors:
- description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources"
+ description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources"
items:
type: "string"
type: "array"
@@ -655,7 +660,7 @@ spec:
description: "specify which is the language (Camel DSL) used to interpret this source code"
type: "string"
loader:
- description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime"
+ description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime"
type: "string"
name:
description: "the name of the specification"
@@ -687,7 +692,7 @@ spec:
description: "User customizable task execution. These are executed after the build and before the package task."
properties:
command:
- description: "the command to execute Deprecated: use ContainerCommands"
+ description: "the command to execute\nDeprecated: use ContainerCommands"
type: "string"
commands:
description: "the command to execute"
@@ -844,7 +849,7 @@ spec:
type: "object"
type: "object"
kaniko:
- description: "a KanikoTask, for Kaniko strategy Deprecated: use jib, s2i or a custom publishing strategy instead"
+ description: "a KanikoTask, for Kaniko strategy\nDeprecated: use jib, s2i or a custom publishing strategy instead"
properties:
baseImage:
description: "base image layer"
@@ -945,7 +950,7 @@ spec:
type: "boolean"
type: "object"
package:
- description: "Application pre publishing a PackageTask, used to package the project"
+ description: "Application pre publishing\na PackageTask, used to package the project"
properties:
baseImage:
description: "the base image layer"
@@ -1012,7 +1017,7 @@ spec:
description: "the configuration required by Maven for the application build phase"
properties:
caSecrets:
- description: "The Secrets name and key, containing the CA certificate(s) used to connect to remote Maven repositories. It can contain X.509 certificates, and PKCS#7 formatted certificate chains. A JKS formatted keystore is automatically created to store the CA certificate(s), and configured to be used as a trusted certificate(s) by the Maven commands. Note that the root CA certificates are also imported into the created keystore."
+ description: "The Secrets name and key, containing the CA certificate(s) used to connect\nto remote Maven repositories.\nIt can contain X.509 certificates, and PKCS#7 formatted certificate chains.\nA JKS formatted keystore is automatically created to store the CA certificate(s),\nand configured to be used as a trusted certificate(s) by the Maven commands.\nNote that the root CA certificates are also imported into the created keystore."
items:
description: "SecretKeySelector selects a key of a Secret."
properties:
@@ -1020,7 +1025,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1028,14 +1033,15 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "array"
cliOptions:
- description: "The CLI options that are appended to the list of arguments for Maven commands, e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html."
+ description: "The CLI options that are appended to the list of arguments for Maven commands,\ne.g., `-V,--no-transfer-progress,-Dstyle.color=never`.\nSee https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html."
items:
type: "string"
type: "array"
extension:
- description: "The Maven build extensions. See https://maven.apache.org/guides/mini/guide-using-extensions.html."
+ description: "The Maven build extensions.\nSee https://maven.apache.org/guides/mini/guide-using-extensions.html."
items:
description: "MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) Maven artifact."
properties:
@@ -1063,7 +1069,7 @@ spec:
description: "The path of the local Maven repository."
type: "string"
profiles:
- description: "A reference to the ConfigMap or Secret key that contains the Maven profile."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe Maven profile."
items:
description: "ValueSource --."
properties:
@@ -1074,7 +1080,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -1082,6 +1088,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -1089,7 +1096,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1097,6 +1104,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
properties:
@@ -1119,13 +1127,13 @@ spec:
description: "can use stable releases"
properties:
checksumPolicy:
- description: "When Maven deploys files to the repository, it also deploys corresponding checksum files. Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums."
+ description: "When Maven deploys files to the repository, it also deploys corresponding checksum files.\nYour options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums."
type: "string"
enabled:
description: "is the policy activated or not"
type: "boolean"
updatePolicy:
- description: "This element specifies how often updates should attempt to occur. Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`"
+ description: "This element specifies how often updates should attempt to occur.\nMaven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.\nThe choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`"
type: "string"
required:
- "enabled"
@@ -1134,13 +1142,13 @@ spec:
description: "can use snapshot"
properties:
checksumPolicy:
- description: "When Maven deploys files to the repository, it also deploys corresponding checksum files. Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums."
+ description: "When Maven deploys files to the repository, it also deploys corresponding checksum files.\nYour options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums."
type: "string"
enabled:
description: "is the policy activated or not"
type: "boolean"
updatePolicy:
- description: "This element specifies how often updates should attempt to occur. Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`"
+ description: "This element specifies how often updates should attempt to occur.\nMaven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.\nThe choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`"
type: "string"
required:
- "enabled"
@@ -1172,7 +1180,7 @@ spec:
type: "object"
type: "array"
settings:
- description: "A reference to the ConfigMap or Secret key that contains the Maven settings."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe Maven settings."
properties:
configMapKeyRef:
description: "Selects a key of a ConfigMap."
@@ -1181,7 +1189,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -1189,6 +1197,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -1196,7 +1205,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1204,9 +1213,10 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
settingsSecurity:
- description: "A reference to the ConfigMap or Secret key that contains the security of the Maven settings."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe security of the Maven settings."
properties:
configMapKeyRef:
description: "Selects a key of a ConfigMap."
@@ -1215,7 +1225,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -1223,6 +1233,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -1230,7 +1241,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1238,6 +1249,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "object"
name:
@@ -1251,7 +1263,7 @@ spec:
type: "string"
capabilities:
additionalProperties:
- description: "Capability is a particular feature which requires a well known set of dependencies and other properties which are specified in the runtime catalog."
+ description: "Capability is a particular feature which requires a well known set of dependencies and other properties\nwhich are specified in the runtime catalog."
properties:
buildTimeProperties:
description: "Set of required Camel build time properties"
@@ -1378,7 +1390,7 @@ spec:
description: "True if the spec is generated from a Kamelet"
type: "boolean"
interceptors:
- description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources"
+ description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources"
items:
type: "string"
type: "array"
@@ -1386,7 +1398,7 @@ spec:
description: "specify which is the language (Camel DSL) used to interpret this source code"
type: "string"
loader:
- description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime"
+ description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime"
type: "string"
name:
description: "the name of the specification"
@@ -1503,7 +1515,7 @@ spec:
type: "string"
type: "object"
spectrum:
- description: "a SpectrumTask, for Spectrum strategy Deprecated: use jib, s2i or a custom publishing strategy instead"
+ description: "a SpectrumTask, for Spectrum strategy\nDeprecated: use jib, s2i or a custom publishing strategy instead"
properties:
baseImage:
description: "base image layer"
@@ -1590,11 +1602,11 @@ spec:
type: "object"
type: "array"
timeout:
- description: "Timeout defines the Build maximum execution duration. The Build deadline is set to the Build start time plus the Timeout duration. If the Build deadline is exceeded, the Build context is canceled, and its phase set to BuildPhaseFailed."
+ description: "Timeout defines the Build maximum execution duration.\nThe Build deadline is set to the Build start time plus the Timeout duration.\nIf the Build deadline is exceeded, the Build context is canceled,\nand its phase set to BuildPhaseFailed."
format: "duration"
type: "string"
toolImage:
- description: "The container image to be used to run the build. Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility"
+ description: "The container image to be used to run the build.\nDeprecated: no longer in use in Camel K 2 - maintained for backward compatibility"
type: "string"
type: "object"
status:
@@ -1658,7 +1670,7 @@ spec:
description: "the digest from image"
type: "string"
duration:
- description: "how long it took for the build Change to Duration / ISO 8601 when CRD uses OpenAPI spec v3 https://github.com/OAI/OpenAPI-Specification/issues/845"
+ description: "how long it took for the build\nChange to Duration / ISO 8601 when CRD uses OpenAPI spec v3\nhttps://github.com/OAI/OpenAPI-Specification/issues/845"
type: "string"
error:
description: "the error description (if any)"
diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/camelcatalogs.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/camelcatalogs.yaml
index 7fcf5eb05..cf368e92e 100644
--- a/crd-catalog/apache/camel-k/camel.apache.org/v1/camelcatalogs.yaml
+++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/camelcatalogs.yaml
@@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.6.1"
- labels:
- app: "camel-k"
+ controller-gen.kubebuilder.io/version: "v0.15.0"
name: "camelcatalogs.camel.apache.org"
spec:
group: "camel.apache.org"
@@ -43,10 +41,10 @@ spec:
description: "CamelCatalog represents the languages, components, data formats and capabilities enabled on a given runtime provider. The catalog may be statically generated."
properties:
apiVersion:
- description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
+ description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
type: "string"
kind:
- description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
metadata:
type: "object"
@@ -328,7 +326,7 @@ spec:
type: "string"
capabilities:
additionalProperties:
- description: "Capability is a particular feature which requires a well known set of dependencies and other properties which are specified in the runtime catalog."
+ description: "Capability is a particular feature which requires a well known set of dependencies and other properties\nwhich are specified in the runtime catalog."
properties:
buildTimeProperties:
description: "Set of required Camel build time properties"
diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationkits.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationkits.yaml
index dfd6431a1..5ac442b98 100644
--- a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationkits.yaml
+++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationkits.yaml
@@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.6.1"
- labels:
- app: "camel-k"
+ controller-gen.kubebuilder.io/version: "v0.15.0"
name: "integrationkits.camel.apache.org"
spec:
group: "camel.apache.org"
@@ -48,13 +46,13 @@ spec:
name: "v1"
schema:
openAPIV3Schema:
- description: "IntegrationKit defines a container image and additional configuration needed to run an `Integration`. An `IntegrationKit` is a generic image generally built from the requirements of an `Integration`, but agnostic to it, in order to be reused by any other `Integration` which has the same required set of capabilities. An `IntegrationKit` may be used for other kits as a base container layer, when the `incremental` build option is enabled."
+ description: "IntegrationKit defines a container image and additional configuration needed to run an `Integration`.\nAn `IntegrationKit` is a generic image generally built from the requirements of an `Integration`, but agnostic to it,\nin order to be reused by any other `Integration` which has the same required set of capabilities. An `IntegrationKit`\nmay be used for other kits as a base container layer, when the `incremental` build option is enabled."
properties:
apiVersion:
- description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
+ description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
type: "string"
kind:
- description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
metadata:
type: "object"
@@ -67,7 +65,7 @@ spec:
type: "string"
type: "array"
configuration:
- description: "Deprecated: Use camel trait (camel.properties) to manage properties Use mount trait (mount.configs) to manage configs Use mount trait (mount.resources) to manage resources Use mount trait (mount.volumes) to manage volumes configuration used by the kit"
+ description: "Deprecated:\nUse camel trait (camel.properties) to manage properties\nUse mount trait (mount.configs) to manage configs\nUse mount trait (mount.resources) to manage resources\nUse mount trait (mount.volumes) to manage volumes\nconfiguration used by the kit"
items:
description: "ConfigurationSpec represents a generic configuration specification."
properties:
@@ -122,7 +120,7 @@ spec:
description: "True if the spec is generated from a Kamelet"
type: "boolean"
interceptors:
- description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources"
+ description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources"
items:
type: "string"
type: "array"
@@ -130,7 +128,7 @@ spec:
description: "specify which is the language (Camel DSL) used to interpret this source code"
type: "string"
loader:
- description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime"
+ description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime"
type: "string"
name:
description: "the name of the specification"
@@ -171,10 +169,10 @@ spec:
description: "When using `pod` strategy, annotation to use for the builder pod."
type: "object"
baseImage:
- description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK installed and ready to use on path (ie `/usr/bin/java`)."
+ description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK\ninstalled and ready to use on path (ie `/usr/bin/java`)."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -184,13 +182,13 @@ spec:
description: "Use the incremental image build option, to reuse existing containers (default `true`)"
type: "boolean"
limitCPU:
- description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
limitMemory:
- description: "When using `pod` strategy, the maximum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the maximum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
mavenProfiles:
- description: "A list of references pointing to configmaps/secrets that contains a maven profile. This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)."
+ description: "A list of references pointing to configmaps/secrets that contains a maven profile.\nThis configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.\nThe content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)."
items:
type: "string"
type: "array"
@@ -217,10 +215,10 @@ spec:
type: "string"
type: "array"
requestCPU:
- description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
requestMemory:
- description: "When using `pod` strategy, the minimum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the minimum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
strategy:
description: "The strategy to use, either `pod` or `routine` (default `routine`)"
@@ -234,7 +232,7 @@ spec:
type: "string"
type: "array"
tasksFilter:
- description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) if you need to execute them. Useful only with `pod` strategy."
+ description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.\nMind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)\nif you need to execute them. Useful only with `pod` strategy."
type: "string"
tasksLimitCPU:
description: "A list of limit cpu configuration for the specific task with format `:`."
@@ -257,14 +255,14 @@ spec:
type: "string"
type: "array"
verbose:
- description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod). Deprecated no longer in use"
+ description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod).\nDeprecated no longer in use"
type: "boolean"
type: "object"
camel:
description: "The Camel trait sets up Camel configuration."
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -276,14 +274,14 @@ spec:
type: "string"
type: "array"
runtimeVersion:
- description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. You can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve to the best matching Catalog existing on the cluster."
+ description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster."
type: "string"
type: "object"
quarkus:
- description: "The Quarkus trait configures the Quarkus runtime. It's enabled by default. NOTE: Compiling to a native executable, requires at least 4GiB of memory, so the Pod running the native build must have enough memory available."
+ description: "The Quarkus trait configures the Quarkus runtime.\nIt's enabled by default.\nNOTE: Compiling to a native executable, requires at least 4GiB of memory, so the Pod running the native build must have enough memory available."
properties:
buildMode:
- description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`). In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, with the `native` kit having precedence over the `jvm` one once ready."
+ description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`).\nIn case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,\nwith the `native` kit having precedence over the `jvm` one once ready."
items:
description: "QuarkusMode is the type of Quarkus build packaging."
enum:
@@ -292,7 +290,7 @@ spec:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -305,9 +303,9 @@ spec:
description: "The image containing the tooling required for a native build (by default it will use the one provided in the runtime catalog)"
type: "string"
packageTypes:
- description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, with the native kit having precedence over the `fast-jar` one once ready. The order influences the resolution of the current kit for the integration. The kit corresponding to the first package type will be assigned to the integration in case no existing kit that matches the integration exists. Deprecated: use `build-mode` instead."
+ description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).\nIn case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,\nwith the native kit having precedence over the `fast-jar` one once ready.\nThe order influences the resolution of the current kit for the integration.\nThe kit corresponding to the first package type will be assigned to the\nintegration in case no existing kit that matches the integration exists.\nDeprecated: use `build-mode` instead."
items:
- description: "QuarkusPackageType is the type of Quarkus build packaging. Deprecated: use `QuarkusMode` instead."
+ description: "QuarkusPackageType is the type of Quarkus build packaging.\nDeprecated: use `QuarkusMode` instead."
enum:
- "fast-jar"
- "native"
@@ -315,10 +313,10 @@ spec:
type: "array"
type: "object"
registry:
- description: "The Registry trait sets up Maven to use the Image registry as a Maven repository. Deprecated: use jvm trait or read documentation."
+ description: "The Registry trait sets up Maven to use the Image registry as a Maven repository (support removed since version 2.5.0).\nDeprecated: use jvm trait or read documentation."
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationplatforms.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationplatforms.yaml
index 88680ea85..e74ebd07c 100644
--- a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationplatforms.yaml
+++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationplatforms.yaml
@@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.6.1"
- labels:
- app: "camel-k"
+ controller-gen.kubebuilder.io/version: "v0.15.0"
name: "integrationplatforms.camel.apache.org"
spec:
group: "camel.apache.org"
@@ -44,13 +42,13 @@ spec:
name: "v1"
schema:
openAPIV3Schema:
- description: "IntegrationPlatform is the resource used to drive the Camel K operator behavior. It defines the behavior of all Custom Resources (`IntegrationKit`, `Integration`, `Kamelet`) in the given namespace. When the Camel K operator is installed in `global` mode, you will need to specify an `IntegrationPlatform` in each namespace where you want the Camel K operator to be executed."
+ description: "IntegrationPlatform is the resource used to drive the Camel K operator behavior.\nIt defines the behavior of all Custom Resources (`IntegrationKit`, `Integration`, `Kamelet`) in the given namespace.\nWhen the Camel K operator is installed in `global` mode,\nyou will need to specify an `IntegrationPlatform` in each namespace where you want the Camel K operator to be executed."
properties:
apiVersion:
- description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
+ description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
type: "string"
kind:
- description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
metadata:
type: "object"
@@ -66,10 +64,10 @@ spec:
description: "Generic options that can used by any publish strategy"
type: "object"
baseImage:
- description: "a base image that can be used as base layer for all images. It can be useful if you want to provide some custom base image with further utility software"
+ description: "a base image that can be used as base layer for all images.\nIt can be useful if you want to provide some custom base image with further utility software"
type: "string"
buildCatalogToolTimeout:
- description: "the timeout (in seconds) to use when creating the build tools container image Deprecated: no longer in use"
+ description: "the timeout (in seconds) to use when creating the build tools container image\nDeprecated: no longer in use"
type: "string"
buildConfiguration:
description: "the configuration required to build an Integration container image"
@@ -125,7 +123,7 @@ spec:
description: "Maven configuration used to build the Camel/Camel-Quarkus applications"
properties:
caSecrets:
- description: "The Secrets name and key, containing the CA certificate(s) used to connect to remote Maven repositories. It can contain X.509 certificates, and PKCS#7 formatted certificate chains. A JKS formatted keystore is automatically created to store the CA certificate(s), and configured to be used as a trusted certificate(s) by the Maven commands. Note that the root CA certificates are also imported into the created keystore."
+ description: "The Secrets name and key, containing the CA certificate(s) used to connect\nto remote Maven repositories.\nIt can contain X.509 certificates, and PKCS#7 formatted certificate chains.\nA JKS formatted keystore is automatically created to store the CA certificate(s),\nand configured to be used as a trusted certificate(s) by the Maven commands.\nNote that the root CA certificates are also imported into the created keystore."
items:
description: "SecretKeySelector selects a key of a Secret."
properties:
@@ -133,7 +131,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -141,14 +139,15 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "array"
cliOptions:
- description: "The CLI options that are appended to the list of arguments for Maven commands, e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html."
+ description: "The CLI options that are appended to the list of arguments for Maven commands,\ne.g., `-V,--no-transfer-progress,-Dstyle.color=never`.\nSee https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html."
items:
type: "string"
type: "array"
extension:
- description: "The Maven build extensions. See https://maven.apache.org/guides/mini/guide-using-extensions.html."
+ description: "The Maven build extensions.\nSee https://maven.apache.org/guides/mini/guide-using-extensions.html."
items:
description: "MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) Maven artifact."
properties:
@@ -176,7 +175,7 @@ spec:
description: "The path of the local Maven repository."
type: "string"
profiles:
- description: "A reference to the ConfigMap or Secret key that contains the Maven profile."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe Maven profile."
items:
description: "ValueSource --."
properties:
@@ -187,7 +186,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -195,6 +194,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -202,7 +202,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -210,6 +210,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
properties:
@@ -218,7 +219,7 @@ spec:
description: "The Maven properties."
type: "object"
settings:
- description: "A reference to the ConfigMap or Secret key that contains the Maven settings."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe Maven settings."
properties:
configMapKeyRef:
description: "Selects a key of a ConfigMap."
@@ -227,7 +228,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -235,6 +236,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -242,7 +244,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -250,9 +252,10 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
settingsSecurity:
- description: "A reference to the ConfigMap or Secret key that contains the security of the Maven settings."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe security of the Maven settings."
properties:
configMapKeyRef:
description: "Selects a key of a ConfigMap."
@@ -261,7 +264,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -269,6 +272,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -276,7 +280,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -284,6 +288,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "object"
maxRunningBuilds:
@@ -326,7 +331,7 @@ spec:
description: "what kind of cluster you're running (ie, plain Kubernetes or OpenShift)"
type: "string"
configuration:
- description: "Deprecated: Use camel trait (camel.properties) to manage properties Use mount trait (mount.configs) to manage configs Use mount trait (mount.resources) to manage resources Use mount trait (mount.volumes) to manage volumes list of configuration properties to be attached to all the Integration/IntegrationKits built from this IntegrationPlatform"
+ description: "Deprecated:\nUse camel trait (camel.properties) to manage properties\nUse mount trait (mount.configs) to manage configs\nUse mount trait (mount.resources) to manage resources\nUse mount trait (mount.volumes) to manage volumes\nlist of configuration properties to be attached to all the Integration/IntegrationKits built from this IntegrationPlatform"
items:
description: "ConfigurationSpec represents a generic configuration specification."
properties:
@@ -356,7 +361,7 @@ spec:
type: "array"
type: "object"
profile:
- description: "the profile you wish to use. It will apply certain traits which are required by the specific profile chosen. It usually relates the Cluster with the optional definition of special profiles (ie, Knative)"
+ description: "the profile you wish to use. It will apply certain traits which are required by the specific profile chosen.\nIt usually relates the Cluster with the optional definition of special profiles (ie, Knative)"
type: "string"
traits:
description: "list of traits to be executed for all the Integration/IntegrationKits built from this IntegrationPlatform"
@@ -382,7 +387,7 @@ spec:
description: "The configuration of Affinity trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -397,7 +402,7 @@ spec:
description: "Always co-locates multiple replicas of the integration in the same node (default `false`)."
type: "boolean"
podAffinityLabels:
- description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should be co-located with."
+ description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should be co-located with."
items:
type: "string"
type: "array"
@@ -405,7 +410,7 @@ spec:
description: "Never co-locates multiple replicas of the integration in the same node (default `false`)."
type: "boolean"
podAntiAffinityLabels:
- description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should not be co-located with."
+ description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should not be co-located with."
items:
type: "string"
type: "array"
@@ -419,10 +424,10 @@ spec:
description: "When using `pod` strategy, annotation to use for the builder pod."
type: "object"
baseImage:
- description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK installed and ready to use on path (ie `/usr/bin/java`)."
+ description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK\ninstalled and ready to use on path (ie `/usr/bin/java`)."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -432,13 +437,13 @@ spec:
description: "Use the incremental image build option, to reuse existing containers (default `true`)"
type: "boolean"
limitCPU:
- description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
limitMemory:
- description: "When using `pod` strategy, the maximum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the maximum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
mavenProfiles:
- description: "A list of references pointing to configmaps/secrets that contains a maven profile. This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)."
+ description: "A list of references pointing to configmaps/secrets that contains a maven profile.\nThis configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.\nThe content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)."
items:
type: "string"
type: "array"
@@ -465,10 +470,10 @@ spec:
type: "string"
type: "array"
requestCPU:
- description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
requestMemory:
- description: "When using `pod` strategy, the minimum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the minimum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
strategy:
description: "The strategy to use, either `pod` or `routine` (default `routine`)"
@@ -482,7 +487,7 @@ spec:
type: "string"
type: "array"
tasksFilter:
- description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) if you need to execute them. Useful only with `pod` strategy."
+ description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.\nMind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)\nif you need to execute them. Useful only with `pod` strategy."
type: "string"
tasksLimitCPU:
description: "A list of limit cpu configuration for the specific task with format `:`."
@@ -505,14 +510,14 @@ spec:
type: "string"
type: "array"
verbose:
- description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod). Deprecated no longer in use"
+ description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod).\nDeprecated no longer in use"
type: "boolean"
type: "object"
camel:
description: "The configuration of Camel trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -524,7 +529,7 @@ spec:
type: "string"
type: "array"
runtimeVersion:
- description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. You can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve to the best matching Catalog existing on the cluster."
+ description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster."
type: "string"
type: "object"
container:
@@ -549,7 +554,7 @@ spec:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -559,7 +564,7 @@ spec:
description: "Can be used to enable/disable exposure via kubernetes Service."
type: "boolean"
image:
- description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit."
+ description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which\nwon't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead\nIntegration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit."
type: "string"
imagePullPolicy:
description: "The pull policy: Always|Never|IfNotPresent"
@@ -613,41 +618,41 @@ spec:
description: "The configuration of Cron trait"
properties:
activeDeadlineSeconds:
- description: "Specifies the duration in seconds, relative to the start time, that the job may be continuously active before it is considered to be failed. It defaults to 60s."
+ description: "Specifies the duration in seconds, relative to the start time, that the job\nmay be continuously active before it is considered to be failed.\nIt defaults to 60s."
format: "int64"
type: "integer"
auto:
- description: "Automatically deploy the integration as CronJob when all routes are either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). \n It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, while `35m` or `50s` cannot)."
+ description: "Automatically deploy the integration as CronJob when all routes are\neither starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).\n\n\nIt's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,\nwhile `35m` or `50s` cannot)."
type: "boolean"
backoffLimit:
- description: "Specifies the number of retries before marking the job failed. It defaults to 2."
+ description: "Specifies the number of retries before marking the job failed.\nIt defaults to 2."
format: "int32"
type: "integer"
components:
- description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is activated (it's present in the `org.apache.camel.k:camel-k-cron` library). \n Supported components are currently: `cron`, `timer` and `quartz`."
+ description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.\nA specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is\nactivated (it's present in the `org.apache.camel.k:camel-k-cron` library).\n\n\nSupported components are currently: `cron`, `timer` and `quartz`."
type: "string"
concurrencyPolicy:
- description: "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\": allows CronJobs to run concurrently; - \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one"
+ description: "Specifies how to treat concurrent executions of a Job.\nValid values are:\n- \"Allow\": allows CronJobs to run concurrently;\n- \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;\n- \"Replace\": cancels currently running job and replaces it with a new one"
enum:
- "Allow"
- "Forbid"
- "Replace"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
fallback:
- description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration as Kubernetes CronJob."
+ description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration\nas Kubernetes CronJob."
type: "boolean"
schedule:
- description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this mechanism to work correctly."
+ description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this\nmechanism to work correctly."
type: "string"
startingDeadlineSeconds:
- description: "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones."
+ description: "Optional deadline in seconds for starting the job if it misses scheduled\ntime for any reason. Missed jobs executions will be counted as failed ones."
format: "int64"
type: "integer"
timeZone:
@@ -658,7 +663,7 @@ spec:
description: "The configuration of Dependencies trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -669,7 +674,7 @@ spec:
description: "The configuration of Deployer trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -683,34 +688,34 @@ spec:
- "knative-service"
type: "string"
useSSA:
- description: "Use server-side apply to update the owned resources (default `true`). Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters."
+ description: "Use server-side apply to update the owned resources (default `true`).\nNote that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters."
type: "boolean"
type: "object"
deployment:
description: "The configuration of Deployment trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Deprecated: no longer in use."
type: "boolean"
progressDeadlineSeconds:
- description: "The maximum time in seconds for the deployment to make progress before it is considered to be failed. It defaults to `60s`."
+ description: "The maximum time in seconds for the deployment to make progress before it\nis considered to be failed. It defaults to `60s`."
format: "int32"
type: "integer"
rollingUpdateMaxSurge:
anyOf:
- type: "integer"
- type: "string"
- description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to `25%`."
+ description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to `25%`."
x-kubernetes-int-or-string: true
rollingUpdateMaxUnavailable:
anyOf:
- type: "integer"
- type: "string"
- description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to `25%`."
+ description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to `25%`."
x-kubernetes-int-or-string: true
strategy:
description: "The deployment strategy to use to replace existing pods with new ones."
@@ -723,7 +728,7 @@ spec:
description: "The configuration of Environment trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
containerMeta:
@@ -736,7 +741,7 @@ spec:
description: "Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and `NO_PROXY` environment variables (default `true`)"
type: "boolean"
vars:
- description: "A list of environment variables to be added to the integration container. The syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`. These take precedence over the previously defined environment variables."
+ description: "A list of environment variables to be added to the integration container.\nThe syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`.\nThese take precedence over the previously defined environment variables."
items:
type: "string"
type: "array"
@@ -745,7 +750,7 @@ spec:
description: "The configuration of Error Handler trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -759,11 +764,11 @@ spec:
description: "The configuration of GC trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
discoveryCache:
- description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). Deprecated: to be removed from trait configuration."
+ description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration."
enum:
- "disabled"
- "disk"
@@ -777,7 +782,7 @@ spec:
description: "The configuration of Health trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -877,13 +882,13 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to the ingress. This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md"
+ description: "The annotations added to the ingress.\nThis can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:\nSee https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md"
type: "object"
auto:
description: "To automatically add an ingress whenever the integration uses an HTTP endpoint consumer."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -896,7 +901,7 @@ spec:
description: "To configure the path exposed by the ingress (default `/`)."
type: "string"
pathType:
- description: "To configure the path type exposed by the ingress. One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)."
+ description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)."
enum:
- "Exact"
- "Prefix"
@@ -918,7 +923,7 @@ spec:
description: "Configures a (comma-separated) list of CIDR subnets that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by default)."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -932,15 +937,15 @@ spec:
description: "The configuration of Jolokia trait"
properties:
CACert:
- description: "The PEM encoded CA certification file path, used to verify client certificates, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)."
+ description: "The PEM encoded CA certification file path, used to verify client certificates,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)."
type: "string"
clientPrincipal:
- description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)."
+ description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)."
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
discoveryEnabled:
@@ -950,13 +955,13 @@ spec:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
extendedClientCheck:
- description: "Mandate the client certificate contains a client flag in the extended key usage section, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `true` for OpenShift)."
+ description: "Mandate the client certificate contains a client flag in the extended key usage section,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `true` for OpenShift)."
type: "boolean"
host:
- description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given, the servers binds to every network interface (default `\"*\"`)."
+ description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given,\nthe servers binds to every network interface (default `\"*\"`)."
type: "string"
options:
- description: "A list of additional Jolokia options as defined in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]"
+ description: "A list of additional Jolokia options as defined\nin https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]"
items:
type: "string"
type: "array"
@@ -983,7 +988,7 @@ spec:
description: "Additional JVM classpath (use `Linux` classpath separator)"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
debug:
@@ -1007,7 +1012,7 @@ spec:
type: "string"
type: "array"
printCommand:
- description: "Prints the command used the start the JVM in the container logs (default `true`) Deprecated: no longer in use."
+ description: "Prints the command used the start the JVM in the container logs (default `true`)\nDeprecated: no longer in use."
type: "boolean"
type: "object"
kamelets:
@@ -1017,7 +1022,7 @@ spec:
description: "Automatically inject all referenced Kamelets and their default configuration (enabled by default)"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1047,12 +1052,12 @@ spec:
description: "Enable automatic discovery of all trait properties."
type: "boolean"
channelSinks:
- description: "List of channels used as destination of integration routes. Can contain simple channel names or full Camel URIs."
+ description: "List of channels used as destination of integration routes.\nCan contain simple channel names or full Camel URIs."
items:
type: "string"
type: "array"
channelSources:
- description: "List of channels used as source of integration routes. Can contain simple channel names or full Camel URIs."
+ description: "List of channels used as source of integration routes.\nCan contain simple channel names or full Camel URIs."
items:
type: "string"
type: "array"
@@ -1060,14 +1065,14 @@ spec:
description: "Can be used to inject a Knative complete configuration in JSON format."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
endpointSinks:
- description: "List of endpoints used as destination of integration routes. Can contain simple endpoint names or full Camel URIs."
+ description: "List of endpoints used as destination of integration routes.\nCan contain simple endpoint names or full Camel URIs."
items:
type: "string"
type: "array"
@@ -1077,31 +1082,31 @@ spec:
type: "string"
type: "array"
eventSinks:
- description: "List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker)."
+ description: "List of event types that the integration will produce.\nCan contain simple event types or full Camel URIs (to use a specific broker)."
items:
type: "string"
type: "array"
eventSources:
- description: "List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from \"default\")."
+ description: "List of event types that the integration will be subscribed to.\nCan contain simple event types or full Camel URIs (to use a specific broker different from \"default\")."
items:
type: "string"
type: "array"
filterEventType:
- description: "Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)"
+ description: "Enables the default filtering for the Knative trigger using the event type\nIf this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)"
type: "boolean"
filterSourceChannels:
- description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of Knative, filtering is disabled by default."
+ description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of\nKnative, filtering is disabled by default."
type: "boolean"
filters:
- description: "Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., `source=\"my.source\"`. Filter attributes get set on the Knative trigger that is being created as part of this integration."
+ description: "Sets filter attributes on the event stream (such as event type, source, subject and so on).\nA list of key-value pairs that represent filter attributes and its values.\nThe syntax is KEY=VALUE, e.g., `source=\"my.source\"`.\nFilter attributes get set on the Knative trigger that is being created as part of this integration."
items:
type: "string"
type: "array"
namespaceLabel:
- description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)"
+ description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace\nAs Knative requires this label to perform injection of K_SINK URL into the service.\nIf this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)"
type: "boolean"
sinkBinding:
- description: "Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source)."
+ description: "Allows binding the integration to a sink via a Knative SinkBinding resource.\nThis can be used when the integration targets a single sink.\nIt's enabled by default when the integration targets a single sink\n(except when the integration is owned by a Knative source)."
type: "boolean"
type: "object"
knative-service:
@@ -1110,45 +1115,45 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to route. This can be used to set knative service specific annotations CLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\""
+ description: "The annotations added to route.\nThis can be used to set knative service specific annotations\nCLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\""
type: "object"
auto:
- description: "Automatically deploy the integration as Knative service when all conditions hold: \n * Integration is using the Knative profile * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)"
+ description: "Automatically deploy the integration as Knative service when all conditions hold:\n\n\n* Integration is using the Knative profile\n* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)"
type: "boolean"
autoscalingMetric:
- description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). \n Refer to the Knative documentation for more information."
+ description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).\n\n\nRefer to the Knative documentation for more information."
type: "string"
autoscalingTarget:
- description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. \n Refer to the Knative documentation for more information."
+ description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
class:
- description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). \n Refer to the Knative documentation for more information."
+ description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).\n\n\nRefer to the Knative documentation for more information."
enum:
- "kpa.autoscaling.knative.dev"
- "hpa.autoscaling.knative.dev"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
maxScale:
- description: "An upper bound for the number of Pods that can be running in parallel for the integration. Knative has its own cap value that depends on the installation. \n Refer to the Knative documentation for more information."
+ description: "An upper bound for the number of Pods that can be running in parallel for the integration.\nKnative has its own cap value that depends on the installation.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
minScale:
- description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that the integration is scaled down to zero when not used for a configured amount of time. \n Refer to the Knative documentation for more information."
+ description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that\nthe integration is scaled down to zero when not used for a configured amount of time.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
rolloutDuration:
- description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration. It's disabled by default and must be expressed as a Golang `time.Duration` string representation, rounded to a second precision."
+ description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration.\nIt's disabled by default and must be expressed as a Golang `time.Duration` string representation,\nrounded to a second precision."
type: "string"
timeoutSeconds:
- description: "The maximum duration in seconds that the request instance is allowed to respond to a request. This field propagates to the integration pod's terminationGracePeriodSeconds \n Refer to the Knative documentation for more information."
+ description: "The maximum duration in seconds that the request instance is allowed to respond to a request.\nThis field propagates to the integration pod's terminationGracePeriodSeconds\n\n\nRefer to the Knative documentation for more information."
format: "int64"
type: "integer"
visibility:
- description: "Setting `cluster-local`, Knative service becomes a private service. Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. \n Refer to the Knative documentation for more information."
+ description: "Setting `cluster-local`, Knative service becomes a private service.\nSpecifically, this option applies the `networking.knative.dev/visibility` label to Knative service.\n\n\nRefer to the Knative documentation for more information."
enum:
- "cluster-local"
type: "string"
@@ -1160,7 +1165,7 @@ spec:
description: "Colorize the log output"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1199,12 +1204,12 @@ spec:
description: "The configuration of Mount trait"
properties:
configs:
- description: "A list of configuration pointing to configmap/secret. The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. They are also made available on the classpath in order to ease their usage directly from the Route. Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered"
+ description: "A list of configuration pointing to configmap/secret.\nThe configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.\nThey are also made available on the classpath in order to ease their usage directly from the Route.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered"
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
emptyDirs:
@@ -1216,15 +1221,15 @@ spec:
description: "Deprecated: no longer in use."
type: "boolean"
hotReload:
- description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for changes in metadata."
+ description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be\nmarked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for\nchanges in metadata."
type: "boolean"
resources:
- description: "A list of resources (text or binary content) pointing to configmap/secret. The resources are expected to be any resource type (text or binary content). The destination path can be either a default location or any path specified by the user. Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path"
+ description: "A list of resources (text or binary content) pointing to configmap/secret.\nThe resources are expected to be any resource type (text or binary content).\nThe destination path can be either a default location or any path specified by the user.\nSyntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path"
items:
type: "string"
type: "array"
scanKameletsImplicitLabelSecrets:
- description: "Deprecated: include your properties in an explicit property file backed by a secret. Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`. These secrets are mounted to the application and treated as plain properties file with their key/value list (ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)."
+ description: "Deprecated: include your properties in an explicit property file backed by a secret.\nLet the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.\nThese secrets are mounted to the application and treated as plain properties file with their key/value list\n(ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)."
type: "boolean"
volumes:
description: "A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]"
@@ -1236,12 +1241,12 @@ spec:
description: "The configuration of OpenAPI trait"
properties:
configmaps:
- description: "The configmaps holding the spec of the OpenAPI"
+ description: "The configmaps holding the spec of the OpenAPI (compatible with > 3.0 spec only)."
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1252,7 +1257,7 @@ spec:
description: "The configuration of Owner trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1273,44 +1278,44 @@ spec:
description: "The configuration of PDB trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
maxUnavailable:
- description: "The number of pods for the Integration that can be unavailable after an eviction. It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). Only one of `max-unavailable` and `min-available` can be specified."
+ description: "The number of pods for the Integration that can be unavailable after an eviction.\nIt can be either an absolute number or a percentage (default `1` if `min-available` is also not set).\nOnly one of `max-unavailable` and `min-available` can be specified."
type: "string"
minAvailable:
- description: "The number of pods for the Integration that must still be available after an eviction. It can be either an absolute number or a percentage. Only one of `min-available` and `max-unavailable` can be specified."
+ description: "The number of pods for the Integration that must still be available after an eviction.\nIt can be either an absolute number or a percentage.\nOnly one of `min-available` and `max-unavailable` can be specified."
type: "string"
type: "object"
platform:
description: "The configuration of Platform trait"
properties:
auto:
- description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
createDefault:
- description: "To create a default (empty) platform when the platform is missing. Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "To create a default (empty) platform when the platform is missing.\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
enabled:
description: "Deprecated: no longer in use."
type: "boolean"
global:
- description: "Indicates if the platform should be created globally in the case of global operator (default true). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "Indicates if the platform should be created globally in the case of global operator (default true).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
type: "object"
pod:
description: "The configuration of Pod trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1321,7 +1326,7 @@ spec:
description: "The configuration of Prometheus trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1343,7 +1348,7 @@ spec:
description: "Automatically configures the platform registry secret on the pod if it is of type `kubernetes.io/dockerconfigjson`."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1360,7 +1365,7 @@ spec:
description: "The configuration of Quarkus trait"
properties:
buildMode:
- description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`). In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, with the `native` kit having precedence over the `jvm` one once ready."
+ description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`).\nIn case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,\nwith the `native` kit having precedence over the `jvm` one once ready."
items:
description: "QuarkusMode is the type of Quarkus build packaging."
enum:
@@ -1369,7 +1374,7 @@ spec:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1382,9 +1387,9 @@ spec:
description: "The image containing the tooling required for a native build (by default it will use the one provided in the runtime catalog)"
type: "string"
packageTypes:
- description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, with the native kit having precedence over the `fast-jar` one once ready. The order influences the resolution of the current kit for the integration. The kit corresponding to the first package type will be assigned to the integration in case no existing kit that matches the integration exists. Deprecated: use `build-mode` instead."
+ description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).\nIn case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,\nwith the native kit having precedence over the `fast-jar` one once ready.\nThe order influences the resolution of the current kit for the integration.\nThe kit corresponding to the first package type will be assigned to the\nintegration in case no existing kit that matches the integration exists.\nDeprecated: use `build-mode` instead."
items:
- description: "QuarkusPackageType is the type of Quarkus build packaging. Deprecated: use `QuarkusMode` instead."
+ description: "QuarkusPackageType is the type of Quarkus build packaging.\nDeprecated: use `QuarkusMode` instead."
enum:
- "fast-jar"
- "native"
@@ -1392,10 +1397,10 @@ spec:
type: "array"
type: "object"
registry:
- description: "The configuration of Registry trait Deprecated: use jvm trait or read documentation."
+ description: "The configuration of Registry trait (support removed since version 2.5.0).\nDeprecated: use jvm trait or read documentation."
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1408,10 +1413,10 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to route. This can be used to set route specific annotations For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations CLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\""
+ description: "The annotations added to route.\nThis can be used to set route specific annotations\nFor annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations\nCLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\""
type: "object"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1421,38 +1426,38 @@ spec:
description: "To configure the host exposed by the route."
type: "string"
tlsCACertificate:
- description: "The TLS CA certificate contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS CA certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCACertificateSecret:
- description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCertificate:
- description: "The TLS certificate contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCertificateSecret:
- description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsDestinationCACertificate:
- description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. \n Refer to the OpenShift route documentation for additional information."
+ description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsDestinationCACertificateSecret:
- description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsInsecureEdgeTerminationPolicy:
- description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. \n Refer to the OpenShift route documentation for additional information."
+ description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.\n\n\nRefer to the OpenShift route documentation for additional information."
enum:
- "None"
- "Allow"
- "Redirect"
type: "string"
tlsKey:
- description: "The TLS certificate key contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS certificate key contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsKeySecret:
- description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsTermination:
- description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`.\n\n\nRefer to the OpenShift route documentation for additional information."
enum:
- "edge"
- "reencrypt"
@@ -1463,7 +1468,7 @@ spec:
description: "The configuration of Security Context trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1490,14 +1495,14 @@ spec:
description: "To automatically detect from the code if a Service needs to be created."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
nodePort:
- description: "Enable Service to be exposed as NodePort (default `false`). Deprecated: Use service type instead."
+ description: "Enable Service to be exposed as NodePort (default `false`).\nDeprecated: Use service type instead."
type: "boolean"
type:
description: "The type of service to be used, either 'ClusterIP', 'NodePort' or 'LoadBalancer'."
@@ -1511,7 +1516,7 @@ spec:
description: "The configuration of Service Binding trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1537,7 +1542,7 @@ spec:
description: "The configuration of Toleration trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1573,10 +1578,10 @@ spec:
description: "Generic options that can used by any publish strategy"
type: "object"
baseImage:
- description: "a base image that can be used as base layer for all images. It can be useful if you want to provide some custom base image with further utility software"
+ description: "a base image that can be used as base layer for all images.\nIt can be useful if you want to provide some custom base image with further utility software"
type: "string"
buildCatalogToolTimeout:
- description: "the timeout (in seconds) to use when creating the build tools container image Deprecated: no longer in use"
+ description: "the timeout (in seconds) to use when creating the build tools container image\nDeprecated: no longer in use"
type: "string"
buildConfiguration:
description: "the configuration required to build an Integration container image"
@@ -1632,7 +1637,7 @@ spec:
description: "Maven configuration used to build the Camel/Camel-Quarkus applications"
properties:
caSecrets:
- description: "The Secrets name and key, containing the CA certificate(s) used to connect to remote Maven repositories. It can contain X.509 certificates, and PKCS#7 formatted certificate chains. A JKS formatted keystore is automatically created to store the CA certificate(s), and configured to be used as a trusted certificate(s) by the Maven commands. Note that the root CA certificates are also imported into the created keystore."
+ description: "The Secrets name and key, containing the CA certificate(s) used to connect\nto remote Maven repositories.\nIt can contain X.509 certificates, and PKCS#7 formatted certificate chains.\nA JKS formatted keystore is automatically created to store the CA certificate(s),\nand configured to be used as a trusted certificate(s) by the Maven commands.\nNote that the root CA certificates are also imported into the created keystore."
items:
description: "SecretKeySelector selects a key of a Secret."
properties:
@@ -1640,7 +1645,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1648,14 +1653,15 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "array"
cliOptions:
- description: "The CLI options that are appended to the list of arguments for Maven commands, e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html."
+ description: "The CLI options that are appended to the list of arguments for Maven commands,\ne.g., `-V,--no-transfer-progress,-Dstyle.color=never`.\nSee https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html."
items:
type: "string"
type: "array"
extension:
- description: "The Maven build extensions. See https://maven.apache.org/guides/mini/guide-using-extensions.html."
+ description: "The Maven build extensions.\nSee https://maven.apache.org/guides/mini/guide-using-extensions.html."
items:
description: "MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) Maven artifact."
properties:
@@ -1683,7 +1689,7 @@ spec:
description: "The path of the local Maven repository."
type: "string"
profiles:
- description: "A reference to the ConfigMap or Secret key that contains the Maven profile."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe Maven profile."
items:
description: "ValueSource --."
properties:
@@ -1694,7 +1700,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -1702,6 +1708,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -1709,7 +1716,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1717,6 +1724,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
properties:
@@ -1725,7 +1733,7 @@ spec:
description: "The Maven properties."
type: "object"
settings:
- description: "A reference to the ConfigMap or Secret key that contains the Maven settings."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe Maven settings."
properties:
configMapKeyRef:
description: "Selects a key of a ConfigMap."
@@ -1734,7 +1742,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -1742,6 +1750,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -1749,7 +1758,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1757,9 +1766,10 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
settingsSecurity:
- description: "A reference to the ConfigMap or Secret key that contains the security of the Maven settings."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe security of the Maven settings."
properties:
configMapKeyRef:
description: "Selects a key of a ConfigMap."
@@ -1768,7 +1778,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -1776,6 +1786,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -1783,7 +1794,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1791,6 +1802,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "object"
maxRunningBuilds:
@@ -1863,7 +1875,7 @@ spec:
type: "object"
type: "array"
configuration:
- description: "Deprecated: Use camel trait (camel.properties) to manage properties Use mount trait (mount.configs) to manage configs Use mount trait (mount.resources) to manage resources Use mount trait (mount.volumes) to manage volumes list of configuration properties to be attached to all the Integration/IntegrationKits built from this IntegrationPlatform"
+ description: "Deprecated:\nUse camel trait (camel.properties) to manage properties\nUse mount trait (mount.configs) to manage configs\nUse mount trait (mount.resources) to manage resources\nUse mount trait (mount.volumes) to manage volumes\nlist of configuration properties to be attached to all the Integration/IntegrationKits built from this IntegrationPlatform"
items:
description: "ConfigurationSpec represents a generic configuration specification."
properties:
@@ -1905,7 +1917,7 @@ spec:
description: "defines in what phase the IntegrationPlatform is found"
type: "string"
profile:
- description: "the profile you wish to use. It will apply certain traits which are required by the specific profile chosen. It usually relates the Cluster with the optional definition of special profiles (ie, Knative)"
+ description: "the profile you wish to use. It will apply certain traits which are required by the specific profile chosen.\nIt usually relates the Cluster with the optional definition of special profiles (ie, Knative)"
type: "string"
traits:
description: "list of traits to be executed for all the Integration/IntegrationKits built from this IntegrationPlatform"
@@ -1931,7 +1943,7 @@ spec:
description: "The configuration of Affinity trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1946,7 +1958,7 @@ spec:
description: "Always co-locates multiple replicas of the integration in the same node (default `false`)."
type: "boolean"
podAffinityLabels:
- description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should be co-located with."
+ description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should be co-located with."
items:
type: "string"
type: "array"
@@ -1954,7 +1966,7 @@ spec:
description: "Never co-locates multiple replicas of the integration in the same node (default `false`)."
type: "boolean"
podAntiAffinityLabels:
- description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should not be co-located with."
+ description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should not be co-located with."
items:
type: "string"
type: "array"
@@ -1968,10 +1980,10 @@ spec:
description: "When using `pod` strategy, annotation to use for the builder pod."
type: "object"
baseImage:
- description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK installed and ready to use on path (ie `/usr/bin/java`)."
+ description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK\ninstalled and ready to use on path (ie `/usr/bin/java`)."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1981,13 +1993,13 @@ spec:
description: "Use the incremental image build option, to reuse existing containers (default `true`)"
type: "boolean"
limitCPU:
- description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
limitMemory:
- description: "When using `pod` strategy, the maximum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the maximum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
mavenProfiles:
- description: "A list of references pointing to configmaps/secrets that contains a maven profile. This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)."
+ description: "A list of references pointing to configmaps/secrets that contains a maven profile.\nThis configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.\nThe content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)."
items:
type: "string"
type: "array"
@@ -2014,10 +2026,10 @@ spec:
type: "string"
type: "array"
requestCPU:
- description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
requestMemory:
- description: "When using `pod` strategy, the minimum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the minimum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
strategy:
description: "The strategy to use, either `pod` or `routine` (default `routine`)"
@@ -2031,7 +2043,7 @@ spec:
type: "string"
type: "array"
tasksFilter:
- description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) if you need to execute them. Useful only with `pod` strategy."
+ description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.\nMind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)\nif you need to execute them. Useful only with `pod` strategy."
type: "string"
tasksLimitCPU:
description: "A list of limit cpu configuration for the specific task with format `:`."
@@ -2054,14 +2066,14 @@ spec:
type: "string"
type: "array"
verbose:
- description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod). Deprecated no longer in use"
+ description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod).\nDeprecated no longer in use"
type: "boolean"
type: "object"
camel:
description: "The configuration of Camel trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2073,7 +2085,7 @@ spec:
type: "string"
type: "array"
runtimeVersion:
- description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. You can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve to the best matching Catalog existing on the cluster."
+ description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster."
type: "string"
type: "object"
container:
@@ -2098,7 +2110,7 @@ spec:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2108,7 +2120,7 @@ spec:
description: "Can be used to enable/disable exposure via kubernetes Service."
type: "boolean"
image:
- description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit."
+ description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which\nwon't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead\nIntegration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit."
type: "string"
imagePullPolicy:
description: "The pull policy: Always|Never|IfNotPresent"
@@ -2162,41 +2174,41 @@ spec:
description: "The configuration of Cron trait"
properties:
activeDeadlineSeconds:
- description: "Specifies the duration in seconds, relative to the start time, that the job may be continuously active before it is considered to be failed. It defaults to 60s."
+ description: "Specifies the duration in seconds, relative to the start time, that the job\nmay be continuously active before it is considered to be failed.\nIt defaults to 60s."
format: "int64"
type: "integer"
auto:
- description: "Automatically deploy the integration as CronJob when all routes are either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). \n It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, while `35m` or `50s` cannot)."
+ description: "Automatically deploy the integration as CronJob when all routes are\neither starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).\n\n\nIt's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,\nwhile `35m` or `50s` cannot)."
type: "boolean"
backoffLimit:
- description: "Specifies the number of retries before marking the job failed. It defaults to 2."
+ description: "Specifies the number of retries before marking the job failed.\nIt defaults to 2."
format: "int32"
type: "integer"
components:
- description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is activated (it's present in the `org.apache.camel.k:camel-k-cron` library). \n Supported components are currently: `cron`, `timer` and `quartz`."
+ description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.\nA specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is\nactivated (it's present in the `org.apache.camel.k:camel-k-cron` library).\n\n\nSupported components are currently: `cron`, `timer` and `quartz`."
type: "string"
concurrencyPolicy:
- description: "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\": allows CronJobs to run concurrently; - \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one"
+ description: "Specifies how to treat concurrent executions of a Job.\nValid values are:\n- \"Allow\": allows CronJobs to run concurrently;\n- \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;\n- \"Replace\": cancels currently running job and replaces it with a new one"
enum:
- "Allow"
- "Forbid"
- "Replace"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
fallback:
- description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration as Kubernetes CronJob."
+ description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration\nas Kubernetes CronJob."
type: "boolean"
schedule:
- description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this mechanism to work correctly."
+ description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this\nmechanism to work correctly."
type: "string"
startingDeadlineSeconds:
- description: "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones."
+ description: "Optional deadline in seconds for starting the job if it misses scheduled\ntime for any reason. Missed jobs executions will be counted as failed ones."
format: "int64"
type: "integer"
timeZone:
@@ -2207,7 +2219,7 @@ spec:
description: "The configuration of Dependencies trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2218,7 +2230,7 @@ spec:
description: "The configuration of Deployer trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2232,34 +2244,34 @@ spec:
- "knative-service"
type: "string"
useSSA:
- description: "Use server-side apply to update the owned resources (default `true`). Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters."
+ description: "Use server-side apply to update the owned resources (default `true`).\nNote that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters."
type: "boolean"
type: "object"
deployment:
description: "The configuration of Deployment trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Deprecated: no longer in use."
type: "boolean"
progressDeadlineSeconds:
- description: "The maximum time in seconds for the deployment to make progress before it is considered to be failed. It defaults to `60s`."
+ description: "The maximum time in seconds for the deployment to make progress before it\nis considered to be failed. It defaults to `60s`."
format: "int32"
type: "integer"
rollingUpdateMaxSurge:
anyOf:
- type: "integer"
- type: "string"
- description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to `25%`."
+ description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to `25%`."
x-kubernetes-int-or-string: true
rollingUpdateMaxUnavailable:
anyOf:
- type: "integer"
- type: "string"
- description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to `25%`."
+ description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to `25%`."
x-kubernetes-int-or-string: true
strategy:
description: "The deployment strategy to use to replace existing pods with new ones."
@@ -2272,7 +2284,7 @@ spec:
description: "The configuration of Environment trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
containerMeta:
@@ -2285,7 +2297,7 @@ spec:
description: "Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and `NO_PROXY` environment variables (default `true`)"
type: "boolean"
vars:
- description: "A list of environment variables to be added to the integration container. The syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`. These take precedence over the previously defined environment variables."
+ description: "A list of environment variables to be added to the integration container.\nThe syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`.\nThese take precedence over the previously defined environment variables."
items:
type: "string"
type: "array"
@@ -2294,7 +2306,7 @@ spec:
description: "The configuration of Error Handler trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2308,11 +2320,11 @@ spec:
description: "The configuration of GC trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
discoveryCache:
- description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). Deprecated: to be removed from trait configuration."
+ description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration."
enum:
- "disabled"
- "disk"
@@ -2326,7 +2338,7 @@ spec:
description: "The configuration of Health trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2426,13 +2438,13 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to the ingress. This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md"
+ description: "The annotations added to the ingress.\nThis can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:\nSee https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md"
type: "object"
auto:
description: "To automatically add an ingress whenever the integration uses an HTTP endpoint consumer."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2445,7 +2457,7 @@ spec:
description: "To configure the path exposed by the ingress (default `/`)."
type: "string"
pathType:
- description: "To configure the path type exposed by the ingress. One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)."
+ description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)."
enum:
- "Exact"
- "Prefix"
@@ -2467,7 +2479,7 @@ spec:
description: "Configures a (comma-separated) list of CIDR subnets that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by default)."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2481,15 +2493,15 @@ spec:
description: "The configuration of Jolokia trait"
properties:
CACert:
- description: "The PEM encoded CA certification file path, used to verify client certificates, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)."
+ description: "The PEM encoded CA certification file path, used to verify client certificates,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)."
type: "string"
clientPrincipal:
- description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)."
+ description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)."
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
discoveryEnabled:
@@ -2499,13 +2511,13 @@ spec:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
extendedClientCheck:
- description: "Mandate the client certificate contains a client flag in the extended key usage section, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `true` for OpenShift)."
+ description: "Mandate the client certificate contains a client flag in the extended key usage section,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `true` for OpenShift)."
type: "boolean"
host:
- description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given, the servers binds to every network interface (default `\"*\"`)."
+ description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given,\nthe servers binds to every network interface (default `\"*\"`)."
type: "string"
options:
- description: "A list of additional Jolokia options as defined in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]"
+ description: "A list of additional Jolokia options as defined\nin https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]"
items:
type: "string"
type: "array"
@@ -2532,7 +2544,7 @@ spec:
description: "Additional JVM classpath (use `Linux` classpath separator)"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
debug:
@@ -2556,7 +2568,7 @@ spec:
type: "string"
type: "array"
printCommand:
- description: "Prints the command used the start the JVM in the container logs (default `true`) Deprecated: no longer in use."
+ description: "Prints the command used the start the JVM in the container logs (default `true`)\nDeprecated: no longer in use."
type: "boolean"
type: "object"
kamelets:
@@ -2566,7 +2578,7 @@ spec:
description: "Automatically inject all referenced Kamelets and their default configuration (enabled by default)"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2596,12 +2608,12 @@ spec:
description: "Enable automatic discovery of all trait properties."
type: "boolean"
channelSinks:
- description: "List of channels used as destination of integration routes. Can contain simple channel names or full Camel URIs."
+ description: "List of channels used as destination of integration routes.\nCan contain simple channel names or full Camel URIs."
items:
type: "string"
type: "array"
channelSources:
- description: "List of channels used as source of integration routes. Can contain simple channel names or full Camel URIs."
+ description: "List of channels used as source of integration routes.\nCan contain simple channel names or full Camel URIs."
items:
type: "string"
type: "array"
@@ -2609,14 +2621,14 @@ spec:
description: "Can be used to inject a Knative complete configuration in JSON format."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
endpointSinks:
- description: "List of endpoints used as destination of integration routes. Can contain simple endpoint names or full Camel URIs."
+ description: "List of endpoints used as destination of integration routes.\nCan contain simple endpoint names or full Camel URIs."
items:
type: "string"
type: "array"
@@ -2626,31 +2638,31 @@ spec:
type: "string"
type: "array"
eventSinks:
- description: "List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker)."
+ description: "List of event types that the integration will produce.\nCan contain simple event types or full Camel URIs (to use a specific broker)."
items:
type: "string"
type: "array"
eventSources:
- description: "List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from \"default\")."
+ description: "List of event types that the integration will be subscribed to.\nCan contain simple event types or full Camel URIs (to use a specific broker different from \"default\")."
items:
type: "string"
type: "array"
filterEventType:
- description: "Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)"
+ description: "Enables the default filtering for the Knative trigger using the event type\nIf this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)"
type: "boolean"
filterSourceChannels:
- description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of Knative, filtering is disabled by default."
+ description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of\nKnative, filtering is disabled by default."
type: "boolean"
filters:
- description: "Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., `source=\"my.source\"`. Filter attributes get set on the Knative trigger that is being created as part of this integration."
+ description: "Sets filter attributes on the event stream (such as event type, source, subject and so on).\nA list of key-value pairs that represent filter attributes and its values.\nThe syntax is KEY=VALUE, e.g., `source=\"my.source\"`.\nFilter attributes get set on the Knative trigger that is being created as part of this integration."
items:
type: "string"
type: "array"
namespaceLabel:
- description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)"
+ description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace\nAs Knative requires this label to perform injection of K_SINK URL into the service.\nIf this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)"
type: "boolean"
sinkBinding:
- description: "Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source)."
+ description: "Allows binding the integration to a sink via a Knative SinkBinding resource.\nThis can be used when the integration targets a single sink.\nIt's enabled by default when the integration targets a single sink\n(except when the integration is owned by a Knative source)."
type: "boolean"
type: "object"
knative-service:
@@ -2659,45 +2671,45 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to route. This can be used to set knative service specific annotations CLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\""
+ description: "The annotations added to route.\nThis can be used to set knative service specific annotations\nCLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\""
type: "object"
auto:
- description: "Automatically deploy the integration as Knative service when all conditions hold: \n * Integration is using the Knative profile * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)"
+ description: "Automatically deploy the integration as Knative service when all conditions hold:\n\n\n* Integration is using the Knative profile\n* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)"
type: "boolean"
autoscalingMetric:
- description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). \n Refer to the Knative documentation for more information."
+ description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).\n\n\nRefer to the Knative documentation for more information."
type: "string"
autoscalingTarget:
- description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. \n Refer to the Knative documentation for more information."
+ description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
class:
- description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). \n Refer to the Knative documentation for more information."
+ description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).\n\n\nRefer to the Knative documentation for more information."
enum:
- "kpa.autoscaling.knative.dev"
- "hpa.autoscaling.knative.dev"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
maxScale:
- description: "An upper bound for the number of Pods that can be running in parallel for the integration. Knative has its own cap value that depends on the installation. \n Refer to the Knative documentation for more information."
+ description: "An upper bound for the number of Pods that can be running in parallel for the integration.\nKnative has its own cap value that depends on the installation.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
minScale:
- description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that the integration is scaled down to zero when not used for a configured amount of time. \n Refer to the Knative documentation for more information."
+ description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that\nthe integration is scaled down to zero when not used for a configured amount of time.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
rolloutDuration:
- description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration. It's disabled by default and must be expressed as a Golang `time.Duration` string representation, rounded to a second precision."
+ description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration.\nIt's disabled by default and must be expressed as a Golang `time.Duration` string representation,\nrounded to a second precision."
type: "string"
timeoutSeconds:
- description: "The maximum duration in seconds that the request instance is allowed to respond to a request. This field propagates to the integration pod's terminationGracePeriodSeconds \n Refer to the Knative documentation for more information."
+ description: "The maximum duration in seconds that the request instance is allowed to respond to a request.\nThis field propagates to the integration pod's terminationGracePeriodSeconds\n\n\nRefer to the Knative documentation for more information."
format: "int64"
type: "integer"
visibility:
- description: "Setting `cluster-local`, Knative service becomes a private service. Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. \n Refer to the Knative documentation for more information."
+ description: "Setting `cluster-local`, Knative service becomes a private service.\nSpecifically, this option applies the `networking.knative.dev/visibility` label to Knative service.\n\n\nRefer to the Knative documentation for more information."
enum:
- "cluster-local"
type: "string"
@@ -2709,7 +2721,7 @@ spec:
description: "Colorize the log output"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2748,12 +2760,12 @@ spec:
description: "The configuration of Mount trait"
properties:
configs:
- description: "A list of configuration pointing to configmap/secret. The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. They are also made available on the classpath in order to ease their usage directly from the Route. Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered"
+ description: "A list of configuration pointing to configmap/secret.\nThe configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.\nThey are also made available on the classpath in order to ease their usage directly from the Route.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered"
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
emptyDirs:
@@ -2765,15 +2777,15 @@ spec:
description: "Deprecated: no longer in use."
type: "boolean"
hotReload:
- description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for changes in metadata."
+ description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be\nmarked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for\nchanges in metadata."
type: "boolean"
resources:
- description: "A list of resources (text or binary content) pointing to configmap/secret. The resources are expected to be any resource type (text or binary content). The destination path can be either a default location or any path specified by the user. Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path"
+ description: "A list of resources (text or binary content) pointing to configmap/secret.\nThe resources are expected to be any resource type (text or binary content).\nThe destination path can be either a default location or any path specified by the user.\nSyntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path"
items:
type: "string"
type: "array"
scanKameletsImplicitLabelSecrets:
- description: "Deprecated: include your properties in an explicit property file backed by a secret. Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`. These secrets are mounted to the application and treated as plain properties file with their key/value list (ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)."
+ description: "Deprecated: include your properties in an explicit property file backed by a secret.\nLet the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.\nThese secrets are mounted to the application and treated as plain properties file with their key/value list\n(ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)."
type: "boolean"
volumes:
description: "A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]"
@@ -2785,12 +2797,12 @@ spec:
description: "The configuration of OpenAPI trait"
properties:
configmaps:
- description: "The configmaps holding the spec of the OpenAPI"
+ description: "The configmaps holding the spec of the OpenAPI (compatible with > 3.0 spec only)."
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2801,7 +2813,7 @@ spec:
description: "The configuration of Owner trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2822,44 +2834,44 @@ spec:
description: "The configuration of PDB trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
maxUnavailable:
- description: "The number of pods for the Integration that can be unavailable after an eviction. It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). Only one of `max-unavailable` and `min-available` can be specified."
+ description: "The number of pods for the Integration that can be unavailable after an eviction.\nIt can be either an absolute number or a percentage (default `1` if `min-available` is also not set).\nOnly one of `max-unavailable` and `min-available` can be specified."
type: "string"
minAvailable:
- description: "The number of pods for the Integration that must still be available after an eviction. It can be either an absolute number or a percentage. Only one of `min-available` and `max-unavailable` can be specified."
+ description: "The number of pods for the Integration that must still be available after an eviction.\nIt can be either an absolute number or a percentage.\nOnly one of `min-available` and `max-unavailable` can be specified."
type: "string"
type: "object"
platform:
description: "The configuration of Platform trait"
properties:
auto:
- description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
createDefault:
- description: "To create a default (empty) platform when the platform is missing. Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "To create a default (empty) platform when the platform is missing.\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
enabled:
description: "Deprecated: no longer in use."
type: "boolean"
global:
- description: "Indicates if the platform should be created globally in the case of global operator (default true). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "Indicates if the platform should be created globally in the case of global operator (default true).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
type: "object"
pod:
description: "The configuration of Pod trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2870,7 +2882,7 @@ spec:
description: "The configuration of Prometheus trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2892,7 +2904,7 @@ spec:
description: "Automatically configures the platform registry secret on the pod if it is of type `kubernetes.io/dockerconfigjson`."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2909,7 +2921,7 @@ spec:
description: "The configuration of Quarkus trait"
properties:
buildMode:
- description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`). In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, with the `native` kit having precedence over the `jvm` one once ready."
+ description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`).\nIn case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,\nwith the `native` kit having precedence over the `jvm` one once ready."
items:
description: "QuarkusMode is the type of Quarkus build packaging."
enum:
@@ -2918,7 +2930,7 @@ spec:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2931,9 +2943,9 @@ spec:
description: "The image containing the tooling required for a native build (by default it will use the one provided in the runtime catalog)"
type: "string"
packageTypes:
- description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, with the native kit having precedence over the `fast-jar` one once ready. The order influences the resolution of the current kit for the integration. The kit corresponding to the first package type will be assigned to the integration in case no existing kit that matches the integration exists. Deprecated: use `build-mode` instead."
+ description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).\nIn case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,\nwith the native kit having precedence over the `fast-jar` one once ready.\nThe order influences the resolution of the current kit for the integration.\nThe kit corresponding to the first package type will be assigned to the\nintegration in case no existing kit that matches the integration exists.\nDeprecated: use `build-mode` instead."
items:
- description: "QuarkusPackageType is the type of Quarkus build packaging. Deprecated: use `QuarkusMode` instead."
+ description: "QuarkusPackageType is the type of Quarkus build packaging.\nDeprecated: use `QuarkusMode` instead."
enum:
- "fast-jar"
- "native"
@@ -2941,10 +2953,10 @@ spec:
type: "array"
type: "object"
registry:
- description: "The configuration of Registry trait Deprecated: use jvm trait or read documentation."
+ description: "The configuration of Registry trait (support removed since version 2.5.0).\nDeprecated: use jvm trait or read documentation."
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2957,10 +2969,10 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to route. This can be used to set route specific annotations For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations CLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\""
+ description: "The annotations added to route.\nThis can be used to set route specific annotations\nFor annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations\nCLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\""
type: "object"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2970,38 +2982,38 @@ spec:
description: "To configure the host exposed by the route."
type: "string"
tlsCACertificate:
- description: "The TLS CA certificate contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS CA certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCACertificateSecret:
- description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCertificate:
- description: "The TLS certificate contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCertificateSecret:
- description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsDestinationCACertificate:
- description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. \n Refer to the OpenShift route documentation for additional information."
+ description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsDestinationCACertificateSecret:
- description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsInsecureEdgeTerminationPolicy:
- description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. \n Refer to the OpenShift route documentation for additional information."
+ description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.\n\n\nRefer to the OpenShift route documentation for additional information."
enum:
- "None"
- "Allow"
- "Redirect"
type: "string"
tlsKey:
- description: "The TLS certificate key contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS certificate key contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsKeySecret:
- description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsTermination:
- description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`.\n\n\nRefer to the OpenShift route documentation for additional information."
enum:
- "edge"
- "reencrypt"
@@ -3012,7 +3024,7 @@ spec:
description: "The configuration of Security Context trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -3039,14 +3051,14 @@ spec:
description: "To automatically detect from the code if a Service needs to be created."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
nodePort:
- description: "Enable Service to be exposed as NodePort (default `false`). Deprecated: Use service type instead."
+ description: "Enable Service to be exposed as NodePort (default `false`).\nDeprecated: Use service type instead."
type: "boolean"
type:
description: "The type of service to be used, either 'ClusterIP', 'NodePort' or 'LoadBalancer'."
@@ -3060,7 +3072,7 @@ spec:
description: "The configuration of Service Binding trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -3086,7 +3098,7 @@ spec:
description: "The configuration of Toleration trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationprofiles.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationprofiles.yaml
index 4edb82799..faf951b78 100644
--- a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationprofiles.yaml
+++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationprofiles.yaml
@@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.6.1"
- labels:
- app: "camel-k"
+ controller-gen.kubebuilder.io/version: "v0.15.0"
name: "integrationprofiles.camel.apache.org"
spec:
group: "camel.apache.org"
@@ -32,13 +30,13 @@ spec:
name: "v1"
schema:
openAPIV3Schema:
- description: "IntegrationProfile is the resource used to apply user defined settings to the Camel K operator behavior. It defines the behavior of all Custom Resources (`IntegrationKit`, `Integration`, `Kamelet`) in the given namespace."
+ description: "IntegrationProfile is the resource used to apply user defined settings to the Camel K operator behavior.\nIt defines the behavior of all Custom Resources (`IntegrationKit`, `Integration`, `Kamelet`) in the given namespace."
properties:
apiVersion:
- description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
+ description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
type: "string"
kind:
- description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
metadata:
type: "object"
@@ -49,13 +47,13 @@ spec:
description: "specify how to build the Integration/IntegrationKits"
properties:
baseImage:
- description: "a base image that can be used as base layer for all images. It can be useful if you want to provide some custom base image with further utility software"
+ description: "a base image that can be used as base layer for all images.\nIt can be useful if you want to provide some custom base image with further utility software"
type: "string"
maven:
description: "Maven configuration used to build the Camel/Camel-Quarkus applications"
properties:
caSecrets:
- description: "The Secrets name and key, containing the CA certificate(s) used to connect to remote Maven repositories. It can contain X.509 certificates, and PKCS#7 formatted certificate chains. A JKS formatted keystore is automatically created to store the CA certificate(s), and configured to be used as a trusted certificate(s) by the Maven commands. Note that the root CA certificates are also imported into the created keystore."
+ description: "The Secrets name and key, containing the CA certificate(s) used to connect\nto remote Maven repositories.\nIt can contain X.509 certificates, and PKCS#7 formatted certificate chains.\nA JKS formatted keystore is automatically created to store the CA certificate(s),\nand configured to be used as a trusted certificate(s) by the Maven commands.\nNote that the root CA certificates are also imported into the created keystore."
items:
description: "SecretKeySelector selects a key of a Secret."
properties:
@@ -63,7 +61,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -71,14 +69,15 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "array"
cliOptions:
- description: "The CLI options that are appended to the list of arguments for Maven commands, e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html."
+ description: "The CLI options that are appended to the list of arguments for Maven commands,\ne.g., `-V,--no-transfer-progress,-Dstyle.color=never`.\nSee https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html."
items:
type: "string"
type: "array"
extension:
- description: "The Maven build extensions. See https://maven.apache.org/guides/mini/guide-using-extensions.html."
+ description: "The Maven build extensions.\nSee https://maven.apache.org/guides/mini/guide-using-extensions.html."
items:
description: "MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) Maven artifact."
properties:
@@ -106,7 +105,7 @@ spec:
description: "The path of the local Maven repository."
type: "string"
profiles:
- description: "A reference to the ConfigMap or Secret key that contains the Maven profile."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe Maven profile."
items:
description: "ValueSource --."
properties:
@@ -117,7 +116,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -125,6 +124,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -132,7 +132,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -140,6 +140,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
properties:
@@ -148,7 +149,7 @@ spec:
description: "The Maven properties."
type: "object"
settings:
- description: "A reference to the ConfigMap or Secret key that contains the Maven settings."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe Maven settings."
properties:
configMapKeyRef:
description: "Selects a key of a ConfigMap."
@@ -157,7 +158,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -165,6 +166,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -172,7 +174,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -180,9 +182,10 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
settingsSecurity:
- description: "A reference to the ConfigMap or Secret key that contains the security of the Maven settings."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe security of the Maven settings."
properties:
configMapKeyRef:
description: "Selects a key of a ConfigMap."
@@ -191,7 +194,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -199,6 +202,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -206,7 +210,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -214,6 +218,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "object"
registry:
@@ -283,7 +288,7 @@ spec:
description: "The configuration of Affinity trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -298,7 +303,7 @@ spec:
description: "Always co-locates multiple replicas of the integration in the same node (default `false`)."
type: "boolean"
podAffinityLabels:
- description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should be co-located with."
+ description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should be co-located with."
items:
type: "string"
type: "array"
@@ -306,7 +311,7 @@ spec:
description: "Never co-locates multiple replicas of the integration in the same node (default `false`)."
type: "boolean"
podAntiAffinityLabels:
- description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should not be co-located with."
+ description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should not be co-located with."
items:
type: "string"
type: "array"
@@ -320,10 +325,10 @@ spec:
description: "When using `pod` strategy, annotation to use for the builder pod."
type: "object"
baseImage:
- description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK installed and ready to use on path (ie `/usr/bin/java`)."
+ description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK\ninstalled and ready to use on path (ie `/usr/bin/java`)."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -333,13 +338,13 @@ spec:
description: "Use the incremental image build option, to reuse existing containers (default `true`)"
type: "boolean"
limitCPU:
- description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
limitMemory:
- description: "When using `pod` strategy, the maximum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the maximum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
mavenProfiles:
- description: "A list of references pointing to configmaps/secrets that contains a maven profile. This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)."
+ description: "A list of references pointing to configmaps/secrets that contains a maven profile.\nThis configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.\nThe content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)."
items:
type: "string"
type: "array"
@@ -366,10 +371,10 @@ spec:
type: "string"
type: "array"
requestCPU:
- description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
requestMemory:
- description: "When using `pod` strategy, the minimum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the minimum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
strategy:
description: "The strategy to use, either `pod` or `routine` (default `routine`)"
@@ -383,7 +388,7 @@ spec:
type: "string"
type: "array"
tasksFilter:
- description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) if you need to execute them. Useful only with `pod` strategy."
+ description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.\nMind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)\nif you need to execute them. Useful only with `pod` strategy."
type: "string"
tasksLimitCPU:
description: "A list of limit cpu configuration for the specific task with format `:`."
@@ -406,14 +411,14 @@ spec:
type: "string"
type: "array"
verbose:
- description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod). Deprecated no longer in use"
+ description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod).\nDeprecated no longer in use"
type: "boolean"
type: "object"
camel:
description: "The configuration of Camel trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -425,7 +430,7 @@ spec:
type: "string"
type: "array"
runtimeVersion:
- description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. You can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve to the best matching Catalog existing on the cluster."
+ description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster."
type: "string"
type: "object"
container:
@@ -450,7 +455,7 @@ spec:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -460,7 +465,7 @@ spec:
description: "Can be used to enable/disable exposure via kubernetes Service."
type: "boolean"
image:
- description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit."
+ description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which\nwon't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead\nIntegration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit."
type: "string"
imagePullPolicy:
description: "The pull policy: Always|Never|IfNotPresent"
@@ -514,41 +519,41 @@ spec:
description: "The configuration of Cron trait"
properties:
activeDeadlineSeconds:
- description: "Specifies the duration in seconds, relative to the start time, that the job may be continuously active before it is considered to be failed. It defaults to 60s."
+ description: "Specifies the duration in seconds, relative to the start time, that the job\nmay be continuously active before it is considered to be failed.\nIt defaults to 60s."
format: "int64"
type: "integer"
auto:
- description: "Automatically deploy the integration as CronJob when all routes are either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). \n It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, while `35m` or `50s` cannot)."
+ description: "Automatically deploy the integration as CronJob when all routes are\neither starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).\n\n\nIt's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,\nwhile `35m` or `50s` cannot)."
type: "boolean"
backoffLimit:
- description: "Specifies the number of retries before marking the job failed. It defaults to 2."
+ description: "Specifies the number of retries before marking the job failed.\nIt defaults to 2."
format: "int32"
type: "integer"
components:
- description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is activated (it's present in the `org.apache.camel.k:camel-k-cron` library). \n Supported components are currently: `cron`, `timer` and `quartz`."
+ description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.\nA specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is\nactivated (it's present in the `org.apache.camel.k:camel-k-cron` library).\n\n\nSupported components are currently: `cron`, `timer` and `quartz`."
type: "string"
concurrencyPolicy:
- description: "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\": allows CronJobs to run concurrently; - \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one"
+ description: "Specifies how to treat concurrent executions of a Job.\nValid values are:\n- \"Allow\": allows CronJobs to run concurrently;\n- \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;\n- \"Replace\": cancels currently running job and replaces it with a new one"
enum:
- "Allow"
- "Forbid"
- "Replace"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
fallback:
- description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration as Kubernetes CronJob."
+ description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration\nas Kubernetes CronJob."
type: "boolean"
schedule:
- description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this mechanism to work correctly."
+ description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this\nmechanism to work correctly."
type: "string"
startingDeadlineSeconds:
- description: "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones."
+ description: "Optional deadline in seconds for starting the job if it misses scheduled\ntime for any reason. Missed jobs executions will be counted as failed ones."
format: "int64"
type: "integer"
timeZone:
@@ -559,7 +564,7 @@ spec:
description: "The configuration of Dependencies trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -570,7 +575,7 @@ spec:
description: "The configuration of Deployer trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -584,34 +589,34 @@ spec:
- "knative-service"
type: "string"
useSSA:
- description: "Use server-side apply to update the owned resources (default `true`). Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters."
+ description: "Use server-side apply to update the owned resources (default `true`).\nNote that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters."
type: "boolean"
type: "object"
deployment:
description: "The configuration of Deployment trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Deprecated: no longer in use."
type: "boolean"
progressDeadlineSeconds:
- description: "The maximum time in seconds for the deployment to make progress before it is considered to be failed. It defaults to `60s`."
+ description: "The maximum time in seconds for the deployment to make progress before it\nis considered to be failed. It defaults to `60s`."
format: "int32"
type: "integer"
rollingUpdateMaxSurge:
anyOf:
- type: "integer"
- type: "string"
- description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to `25%`."
+ description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to `25%`."
x-kubernetes-int-or-string: true
rollingUpdateMaxUnavailable:
anyOf:
- type: "integer"
- type: "string"
- description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to `25%`."
+ description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to `25%`."
x-kubernetes-int-or-string: true
strategy:
description: "The deployment strategy to use to replace existing pods with new ones."
@@ -624,7 +629,7 @@ spec:
description: "The configuration of Environment trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
containerMeta:
@@ -637,7 +642,7 @@ spec:
description: "Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and `NO_PROXY` environment variables (default `true`)"
type: "boolean"
vars:
- description: "A list of environment variables to be added to the integration container. The syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`. These take precedence over the previously defined environment variables."
+ description: "A list of environment variables to be added to the integration container.\nThe syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`.\nThese take precedence over the previously defined environment variables."
items:
type: "string"
type: "array"
@@ -646,7 +651,7 @@ spec:
description: "The configuration of Error Handler trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -660,11 +665,11 @@ spec:
description: "The configuration of GC trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
discoveryCache:
- description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). Deprecated: to be removed from trait configuration."
+ description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration."
enum:
- "disabled"
- "disk"
@@ -678,7 +683,7 @@ spec:
description: "The configuration of Health trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -778,13 +783,13 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to the ingress. This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md"
+ description: "The annotations added to the ingress.\nThis can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:\nSee https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md"
type: "object"
auto:
description: "To automatically add an ingress whenever the integration uses an HTTP endpoint consumer."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -797,7 +802,7 @@ spec:
description: "To configure the path exposed by the ingress (default `/`)."
type: "string"
pathType:
- description: "To configure the path type exposed by the ingress. One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)."
+ description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)."
enum:
- "Exact"
- "Prefix"
@@ -819,7 +824,7 @@ spec:
description: "Configures a (comma-separated) list of CIDR subnets that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by default)."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -833,15 +838,15 @@ spec:
description: "The configuration of Jolokia trait"
properties:
CACert:
- description: "The PEM encoded CA certification file path, used to verify client certificates, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)."
+ description: "The PEM encoded CA certification file path, used to verify client certificates,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)."
type: "string"
clientPrincipal:
- description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)."
+ description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)."
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
discoveryEnabled:
@@ -851,13 +856,13 @@ spec:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
extendedClientCheck:
- description: "Mandate the client certificate contains a client flag in the extended key usage section, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `true` for OpenShift)."
+ description: "Mandate the client certificate contains a client flag in the extended key usage section,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `true` for OpenShift)."
type: "boolean"
host:
- description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given, the servers binds to every network interface (default `\"*\"`)."
+ description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given,\nthe servers binds to every network interface (default `\"*\"`)."
type: "string"
options:
- description: "A list of additional Jolokia options as defined in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]"
+ description: "A list of additional Jolokia options as defined\nin https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]"
items:
type: "string"
type: "array"
@@ -884,7 +889,7 @@ spec:
description: "Additional JVM classpath (use `Linux` classpath separator)"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
debug:
@@ -908,7 +913,7 @@ spec:
type: "string"
type: "array"
printCommand:
- description: "Prints the command used the start the JVM in the container logs (default `true`) Deprecated: no longer in use."
+ description: "Prints the command used the start the JVM in the container logs (default `true`)\nDeprecated: no longer in use."
type: "boolean"
type: "object"
kamelets:
@@ -918,7 +923,7 @@ spec:
description: "Automatically inject all referenced Kamelets and their default configuration (enabled by default)"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -948,12 +953,12 @@ spec:
description: "Enable automatic discovery of all trait properties."
type: "boolean"
channelSinks:
- description: "List of channels used as destination of integration routes. Can contain simple channel names or full Camel URIs."
+ description: "List of channels used as destination of integration routes.\nCan contain simple channel names or full Camel URIs."
items:
type: "string"
type: "array"
channelSources:
- description: "List of channels used as source of integration routes. Can contain simple channel names or full Camel URIs."
+ description: "List of channels used as source of integration routes.\nCan contain simple channel names or full Camel URIs."
items:
type: "string"
type: "array"
@@ -961,14 +966,14 @@ spec:
description: "Can be used to inject a Knative complete configuration in JSON format."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
endpointSinks:
- description: "List of endpoints used as destination of integration routes. Can contain simple endpoint names or full Camel URIs."
+ description: "List of endpoints used as destination of integration routes.\nCan contain simple endpoint names or full Camel URIs."
items:
type: "string"
type: "array"
@@ -978,31 +983,31 @@ spec:
type: "string"
type: "array"
eventSinks:
- description: "List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker)."
+ description: "List of event types that the integration will produce.\nCan contain simple event types or full Camel URIs (to use a specific broker)."
items:
type: "string"
type: "array"
eventSources:
- description: "List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from \"default\")."
+ description: "List of event types that the integration will be subscribed to.\nCan contain simple event types or full Camel URIs (to use a specific broker different from \"default\")."
items:
type: "string"
type: "array"
filterEventType:
- description: "Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)"
+ description: "Enables the default filtering for the Knative trigger using the event type\nIf this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)"
type: "boolean"
filterSourceChannels:
- description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of Knative, filtering is disabled by default."
+ description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of\nKnative, filtering is disabled by default."
type: "boolean"
filters:
- description: "Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., `source=\"my.source\"`. Filter attributes get set on the Knative trigger that is being created as part of this integration."
+ description: "Sets filter attributes on the event stream (such as event type, source, subject and so on).\nA list of key-value pairs that represent filter attributes and its values.\nThe syntax is KEY=VALUE, e.g., `source=\"my.source\"`.\nFilter attributes get set on the Knative trigger that is being created as part of this integration."
items:
type: "string"
type: "array"
namespaceLabel:
- description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)"
+ description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace\nAs Knative requires this label to perform injection of K_SINK URL into the service.\nIf this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)"
type: "boolean"
sinkBinding:
- description: "Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source)."
+ description: "Allows binding the integration to a sink via a Knative SinkBinding resource.\nThis can be used when the integration targets a single sink.\nIt's enabled by default when the integration targets a single sink\n(except when the integration is owned by a Knative source)."
type: "boolean"
type: "object"
knative-service:
@@ -1011,45 +1016,45 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to route. This can be used to set knative service specific annotations CLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\""
+ description: "The annotations added to route.\nThis can be used to set knative service specific annotations\nCLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\""
type: "object"
auto:
- description: "Automatically deploy the integration as Knative service when all conditions hold: \n * Integration is using the Knative profile * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)"
+ description: "Automatically deploy the integration as Knative service when all conditions hold:\n\n\n* Integration is using the Knative profile\n* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)"
type: "boolean"
autoscalingMetric:
- description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). \n Refer to the Knative documentation for more information."
+ description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).\n\n\nRefer to the Knative documentation for more information."
type: "string"
autoscalingTarget:
- description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. \n Refer to the Knative documentation for more information."
+ description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
class:
- description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). \n Refer to the Knative documentation for more information."
+ description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).\n\n\nRefer to the Knative documentation for more information."
enum:
- "kpa.autoscaling.knative.dev"
- "hpa.autoscaling.knative.dev"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
maxScale:
- description: "An upper bound for the number of Pods that can be running in parallel for the integration. Knative has its own cap value that depends on the installation. \n Refer to the Knative documentation for more information."
+ description: "An upper bound for the number of Pods that can be running in parallel for the integration.\nKnative has its own cap value that depends on the installation.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
minScale:
- description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that the integration is scaled down to zero when not used for a configured amount of time. \n Refer to the Knative documentation for more information."
+ description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that\nthe integration is scaled down to zero when not used for a configured amount of time.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
rolloutDuration:
- description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration. It's disabled by default and must be expressed as a Golang `time.Duration` string representation, rounded to a second precision."
+ description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration.\nIt's disabled by default and must be expressed as a Golang `time.Duration` string representation,\nrounded to a second precision."
type: "string"
timeoutSeconds:
- description: "The maximum duration in seconds that the request instance is allowed to respond to a request. This field propagates to the integration pod's terminationGracePeriodSeconds \n Refer to the Knative documentation for more information."
+ description: "The maximum duration in seconds that the request instance is allowed to respond to a request.\nThis field propagates to the integration pod's terminationGracePeriodSeconds\n\n\nRefer to the Knative documentation for more information."
format: "int64"
type: "integer"
visibility:
- description: "Setting `cluster-local`, Knative service becomes a private service. Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. \n Refer to the Knative documentation for more information."
+ description: "Setting `cluster-local`, Knative service becomes a private service.\nSpecifically, this option applies the `networking.knative.dev/visibility` label to Knative service.\n\n\nRefer to the Knative documentation for more information."
enum:
- "cluster-local"
type: "string"
@@ -1061,7 +1066,7 @@ spec:
description: "Colorize the log output"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1100,12 +1105,12 @@ spec:
description: "The configuration of Mount trait"
properties:
configs:
- description: "A list of configuration pointing to configmap/secret. The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. They are also made available on the classpath in order to ease their usage directly from the Route. Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered"
+ description: "A list of configuration pointing to configmap/secret.\nThe configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.\nThey are also made available on the classpath in order to ease their usage directly from the Route.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered"
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
emptyDirs:
@@ -1117,15 +1122,15 @@ spec:
description: "Deprecated: no longer in use."
type: "boolean"
hotReload:
- description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for changes in metadata."
+ description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be\nmarked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for\nchanges in metadata."
type: "boolean"
resources:
- description: "A list of resources (text or binary content) pointing to configmap/secret. The resources are expected to be any resource type (text or binary content). The destination path can be either a default location or any path specified by the user. Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path"
+ description: "A list of resources (text or binary content) pointing to configmap/secret.\nThe resources are expected to be any resource type (text or binary content).\nThe destination path can be either a default location or any path specified by the user.\nSyntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path"
items:
type: "string"
type: "array"
scanKameletsImplicitLabelSecrets:
- description: "Deprecated: include your properties in an explicit property file backed by a secret. Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`. These secrets are mounted to the application and treated as plain properties file with their key/value list (ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)."
+ description: "Deprecated: include your properties in an explicit property file backed by a secret.\nLet the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.\nThese secrets are mounted to the application and treated as plain properties file with their key/value list\n(ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)."
type: "boolean"
volumes:
description: "A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]"
@@ -1137,12 +1142,12 @@ spec:
description: "The configuration of OpenAPI trait"
properties:
configmaps:
- description: "The configmaps holding the spec of the OpenAPI"
+ description: "The configmaps holding the spec of the OpenAPI (compatible with > 3.0 spec only)."
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1153,7 +1158,7 @@ spec:
description: "The configuration of Owner trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1174,44 +1179,44 @@ spec:
description: "The configuration of PDB trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
maxUnavailable:
- description: "The number of pods for the Integration that can be unavailable after an eviction. It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). Only one of `max-unavailable` and `min-available` can be specified."
+ description: "The number of pods for the Integration that can be unavailable after an eviction.\nIt can be either an absolute number or a percentage (default `1` if `min-available` is also not set).\nOnly one of `max-unavailable` and `min-available` can be specified."
type: "string"
minAvailable:
- description: "The number of pods for the Integration that must still be available after an eviction. It can be either an absolute number or a percentage. Only one of `min-available` and `max-unavailable` can be specified."
+ description: "The number of pods for the Integration that must still be available after an eviction.\nIt can be either an absolute number or a percentage.\nOnly one of `min-available` and `max-unavailable` can be specified."
type: "string"
type: "object"
platform:
description: "The configuration of Platform trait"
properties:
auto:
- description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
createDefault:
- description: "To create a default (empty) platform when the platform is missing. Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "To create a default (empty) platform when the platform is missing.\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
enabled:
description: "Deprecated: no longer in use."
type: "boolean"
global:
- description: "Indicates if the platform should be created globally in the case of global operator (default true). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "Indicates if the platform should be created globally in the case of global operator (default true).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
type: "object"
pod:
description: "The configuration of Pod trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1222,7 +1227,7 @@ spec:
description: "The configuration of Prometheus trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1244,7 +1249,7 @@ spec:
description: "Automatically configures the platform registry secret on the pod if it is of type `kubernetes.io/dockerconfigjson`."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1261,7 +1266,7 @@ spec:
description: "The configuration of Quarkus trait"
properties:
buildMode:
- description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`). In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, with the `native` kit having precedence over the `jvm` one once ready."
+ description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`).\nIn case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,\nwith the `native` kit having precedence over the `jvm` one once ready."
items:
description: "QuarkusMode is the type of Quarkus build packaging."
enum:
@@ -1270,7 +1275,7 @@ spec:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1283,9 +1288,9 @@ spec:
description: "The image containing the tooling required for a native build (by default it will use the one provided in the runtime catalog)"
type: "string"
packageTypes:
- description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, with the native kit having precedence over the `fast-jar` one once ready. The order influences the resolution of the current kit for the integration. The kit corresponding to the first package type will be assigned to the integration in case no existing kit that matches the integration exists. Deprecated: use `build-mode` instead."
+ description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).\nIn case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,\nwith the native kit having precedence over the `fast-jar` one once ready.\nThe order influences the resolution of the current kit for the integration.\nThe kit corresponding to the first package type will be assigned to the\nintegration in case no existing kit that matches the integration exists.\nDeprecated: use `build-mode` instead."
items:
- description: "QuarkusPackageType is the type of Quarkus build packaging. Deprecated: use `QuarkusMode` instead."
+ description: "QuarkusPackageType is the type of Quarkus build packaging.\nDeprecated: use `QuarkusMode` instead."
enum:
- "fast-jar"
- "native"
@@ -1293,10 +1298,10 @@ spec:
type: "array"
type: "object"
registry:
- description: "The configuration of Registry trait Deprecated: use jvm trait or read documentation."
+ description: "The configuration of Registry trait (support removed since version 2.5.0).\nDeprecated: use jvm trait or read documentation."
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1309,10 +1314,10 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to route. This can be used to set route specific annotations For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations CLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\""
+ description: "The annotations added to route.\nThis can be used to set route specific annotations\nFor annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations\nCLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\""
type: "object"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1322,38 +1327,38 @@ spec:
description: "To configure the host exposed by the route."
type: "string"
tlsCACertificate:
- description: "The TLS CA certificate contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS CA certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCACertificateSecret:
- description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCertificate:
- description: "The TLS certificate contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCertificateSecret:
- description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsDestinationCACertificate:
- description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. \n Refer to the OpenShift route documentation for additional information."
+ description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsDestinationCACertificateSecret:
- description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsInsecureEdgeTerminationPolicy:
- description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. \n Refer to the OpenShift route documentation for additional information."
+ description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.\n\n\nRefer to the OpenShift route documentation for additional information."
enum:
- "None"
- "Allow"
- "Redirect"
type: "string"
tlsKey:
- description: "The TLS certificate key contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS certificate key contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsKeySecret:
- description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsTermination:
- description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`.\n\n\nRefer to the OpenShift route documentation for additional information."
enum:
- "edge"
- "reencrypt"
@@ -1364,7 +1369,7 @@ spec:
description: "The configuration of Security Context trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1391,14 +1396,14 @@ spec:
description: "To automatically detect from the code if a Service needs to be created."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
nodePort:
- description: "Enable Service to be exposed as NodePort (default `false`). Deprecated: Use service type instead."
+ description: "Enable Service to be exposed as NodePort (default `false`).\nDeprecated: Use service type instead."
type: "boolean"
type:
description: "The type of service to be used, either 'ClusterIP', 'NodePort' or 'LoadBalancer'."
@@ -1412,7 +1417,7 @@ spec:
description: "The configuration of Service Binding trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1438,7 +1443,7 @@ spec:
description: "The configuration of Toleration trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1469,13 +1474,13 @@ spec:
description: "specify how to build the Integration/IntegrationKits"
properties:
baseImage:
- description: "a base image that can be used as base layer for all images. It can be useful if you want to provide some custom base image with further utility software"
+ description: "a base image that can be used as base layer for all images.\nIt can be useful if you want to provide some custom base image with further utility software"
type: "string"
maven:
description: "Maven configuration used to build the Camel/Camel-Quarkus applications"
properties:
caSecrets:
- description: "The Secrets name and key, containing the CA certificate(s) used to connect to remote Maven repositories. It can contain X.509 certificates, and PKCS#7 formatted certificate chains. A JKS formatted keystore is automatically created to store the CA certificate(s), and configured to be used as a trusted certificate(s) by the Maven commands. Note that the root CA certificates are also imported into the created keystore."
+ description: "The Secrets name and key, containing the CA certificate(s) used to connect\nto remote Maven repositories.\nIt can contain X.509 certificates, and PKCS#7 formatted certificate chains.\nA JKS formatted keystore is automatically created to store the CA certificate(s),\nand configured to be used as a trusted certificate(s) by the Maven commands.\nNote that the root CA certificates are also imported into the created keystore."
items:
description: "SecretKeySelector selects a key of a Secret."
properties:
@@ -1483,7 +1488,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1491,14 +1496,15 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "array"
cliOptions:
- description: "The CLI options that are appended to the list of arguments for Maven commands, e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html."
+ description: "The CLI options that are appended to the list of arguments for Maven commands,\ne.g., `-V,--no-transfer-progress,-Dstyle.color=never`.\nSee https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html."
items:
type: "string"
type: "array"
extension:
- description: "The Maven build extensions. See https://maven.apache.org/guides/mini/guide-using-extensions.html."
+ description: "The Maven build extensions.\nSee https://maven.apache.org/guides/mini/guide-using-extensions.html."
items:
description: "MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) Maven artifact."
properties:
@@ -1526,7 +1532,7 @@ spec:
description: "The path of the local Maven repository."
type: "string"
profiles:
- description: "A reference to the ConfigMap or Secret key that contains the Maven profile."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe Maven profile."
items:
description: "ValueSource --."
properties:
@@ -1537,7 +1543,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -1545,6 +1551,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -1552,7 +1559,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1560,6 +1567,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
properties:
@@ -1568,7 +1576,7 @@ spec:
description: "The Maven properties."
type: "object"
settings:
- description: "A reference to the ConfigMap or Secret key that contains the Maven settings."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe Maven settings."
properties:
configMapKeyRef:
description: "Selects a key of a ConfigMap."
@@ -1577,7 +1585,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -1585,6 +1593,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -1592,7 +1601,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1600,9 +1609,10 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
settingsSecurity:
- description: "A reference to the ConfigMap or Secret key that contains the security of the Maven settings."
+ description: "A reference to the ConfigMap or Secret key that contains\nthe security of the Maven settings."
properties:
configMapKeyRef:
description: "Selects a key of a ConfigMap."
@@ -1611,7 +1621,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -1619,6 +1629,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret."
properties:
@@ -1626,7 +1637,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1634,6 +1645,7 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "object"
registry:
@@ -1740,7 +1752,7 @@ spec:
description: "The configuration of Affinity trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1755,7 +1767,7 @@ spec:
description: "Always co-locates multiple replicas of the integration in the same node (default `false`)."
type: "boolean"
podAffinityLabels:
- description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should be co-located with."
+ description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should be co-located with."
items:
type: "string"
type: "array"
@@ -1763,7 +1775,7 @@ spec:
description: "Never co-locates multiple replicas of the integration in the same node (default `false`)."
type: "boolean"
podAntiAffinityLabels:
- description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should not be co-located with."
+ description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should not be co-located with."
items:
type: "string"
type: "array"
@@ -1777,10 +1789,10 @@ spec:
description: "When using `pod` strategy, annotation to use for the builder pod."
type: "object"
baseImage:
- description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK installed and ready to use on path (ie `/usr/bin/java`)."
+ description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK\ninstalled and ready to use on path (ie `/usr/bin/java`)."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1790,13 +1802,13 @@ spec:
description: "Use the incremental image build option, to reuse existing containers (default `true`)"
type: "boolean"
limitCPU:
- description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
limitMemory:
- description: "When using `pod` strategy, the maximum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the maximum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
mavenProfiles:
- description: "A list of references pointing to configmaps/secrets that contains a maven profile. This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)."
+ description: "A list of references pointing to configmaps/secrets that contains a maven profile.\nThis configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.\nThe content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)."
items:
type: "string"
type: "array"
@@ -1823,10 +1835,10 @@ spec:
type: "string"
type: "array"
requestCPU:
- description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
requestMemory:
- description: "When using `pod` strategy, the minimum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the minimum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
strategy:
description: "The strategy to use, either `pod` or `routine` (default `routine`)"
@@ -1840,7 +1852,7 @@ spec:
type: "string"
type: "array"
tasksFilter:
- description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) if you need to execute them. Useful only with `pod` strategy."
+ description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.\nMind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)\nif you need to execute them. Useful only with `pod` strategy."
type: "string"
tasksLimitCPU:
description: "A list of limit cpu configuration for the specific task with format `:`."
@@ -1863,14 +1875,14 @@ spec:
type: "string"
type: "array"
verbose:
- description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod). Deprecated no longer in use"
+ description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod).\nDeprecated no longer in use"
type: "boolean"
type: "object"
camel:
description: "The configuration of Camel trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1882,7 +1894,7 @@ spec:
type: "string"
type: "array"
runtimeVersion:
- description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. You can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve to the best matching Catalog existing on the cluster."
+ description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster."
type: "string"
type: "object"
container:
@@ -1907,7 +1919,7 @@ spec:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -1917,7 +1929,7 @@ spec:
description: "Can be used to enable/disable exposure via kubernetes Service."
type: "boolean"
image:
- description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit."
+ description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which\nwon't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead\nIntegration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit."
type: "string"
imagePullPolicy:
description: "The pull policy: Always|Never|IfNotPresent"
@@ -1971,41 +1983,41 @@ spec:
description: "The configuration of Cron trait"
properties:
activeDeadlineSeconds:
- description: "Specifies the duration in seconds, relative to the start time, that the job may be continuously active before it is considered to be failed. It defaults to 60s."
+ description: "Specifies the duration in seconds, relative to the start time, that the job\nmay be continuously active before it is considered to be failed.\nIt defaults to 60s."
format: "int64"
type: "integer"
auto:
- description: "Automatically deploy the integration as CronJob when all routes are either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). \n It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, while `35m` or `50s` cannot)."
+ description: "Automatically deploy the integration as CronJob when all routes are\neither starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).\n\n\nIt's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,\nwhile `35m` or `50s` cannot)."
type: "boolean"
backoffLimit:
- description: "Specifies the number of retries before marking the job failed. It defaults to 2."
+ description: "Specifies the number of retries before marking the job failed.\nIt defaults to 2."
format: "int32"
type: "integer"
components:
- description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is activated (it's present in the `org.apache.camel.k:camel-k-cron` library). \n Supported components are currently: `cron`, `timer` and `quartz`."
+ description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.\nA specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is\nactivated (it's present in the `org.apache.camel.k:camel-k-cron` library).\n\n\nSupported components are currently: `cron`, `timer` and `quartz`."
type: "string"
concurrencyPolicy:
- description: "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\": allows CronJobs to run concurrently; - \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one"
+ description: "Specifies how to treat concurrent executions of a Job.\nValid values are:\n- \"Allow\": allows CronJobs to run concurrently;\n- \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;\n- \"Replace\": cancels currently running job and replaces it with a new one"
enum:
- "Allow"
- "Forbid"
- "Replace"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
fallback:
- description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration as Kubernetes CronJob."
+ description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration\nas Kubernetes CronJob."
type: "boolean"
schedule:
- description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this mechanism to work correctly."
+ description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this\nmechanism to work correctly."
type: "string"
startingDeadlineSeconds:
- description: "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones."
+ description: "Optional deadline in seconds for starting the job if it misses scheduled\ntime for any reason. Missed jobs executions will be counted as failed ones."
format: "int64"
type: "integer"
timeZone:
@@ -2016,7 +2028,7 @@ spec:
description: "The configuration of Dependencies trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2027,7 +2039,7 @@ spec:
description: "The configuration of Deployer trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2041,34 +2053,34 @@ spec:
- "knative-service"
type: "string"
useSSA:
- description: "Use server-side apply to update the owned resources (default `true`). Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters."
+ description: "Use server-side apply to update the owned resources (default `true`).\nNote that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters."
type: "boolean"
type: "object"
deployment:
description: "The configuration of Deployment trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Deprecated: no longer in use."
type: "boolean"
progressDeadlineSeconds:
- description: "The maximum time in seconds for the deployment to make progress before it is considered to be failed. It defaults to `60s`."
+ description: "The maximum time in seconds for the deployment to make progress before it\nis considered to be failed. It defaults to `60s`."
format: "int32"
type: "integer"
rollingUpdateMaxSurge:
anyOf:
- type: "integer"
- type: "string"
- description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to `25%`."
+ description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to `25%`."
x-kubernetes-int-or-string: true
rollingUpdateMaxUnavailable:
anyOf:
- type: "integer"
- type: "string"
- description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to `25%`."
+ description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to `25%`."
x-kubernetes-int-or-string: true
strategy:
description: "The deployment strategy to use to replace existing pods with new ones."
@@ -2081,7 +2093,7 @@ spec:
description: "The configuration of Environment trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
containerMeta:
@@ -2094,7 +2106,7 @@ spec:
description: "Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and `NO_PROXY` environment variables (default `true`)"
type: "boolean"
vars:
- description: "A list of environment variables to be added to the integration container. The syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`. These take precedence over the previously defined environment variables."
+ description: "A list of environment variables to be added to the integration container.\nThe syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`.\nThese take precedence over the previously defined environment variables."
items:
type: "string"
type: "array"
@@ -2103,7 +2115,7 @@ spec:
description: "The configuration of Error Handler trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2117,11 +2129,11 @@ spec:
description: "The configuration of GC trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
discoveryCache:
- description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). Deprecated: to be removed from trait configuration."
+ description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration."
enum:
- "disabled"
- "disk"
@@ -2135,7 +2147,7 @@ spec:
description: "The configuration of Health trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2235,13 +2247,13 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to the ingress. This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md"
+ description: "The annotations added to the ingress.\nThis can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:\nSee https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md"
type: "object"
auto:
description: "To automatically add an ingress whenever the integration uses an HTTP endpoint consumer."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2254,7 +2266,7 @@ spec:
description: "To configure the path exposed by the ingress (default `/`)."
type: "string"
pathType:
- description: "To configure the path type exposed by the ingress. One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)."
+ description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)."
enum:
- "Exact"
- "Prefix"
@@ -2276,7 +2288,7 @@ spec:
description: "Configures a (comma-separated) list of CIDR subnets that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by default)."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2290,15 +2302,15 @@ spec:
description: "The configuration of Jolokia trait"
properties:
CACert:
- description: "The PEM encoded CA certification file path, used to verify client certificates, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)."
+ description: "The PEM encoded CA certification file path, used to verify client certificates,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)."
type: "string"
clientPrincipal:
- description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)."
+ description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)."
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
discoveryEnabled:
@@ -2308,13 +2320,13 @@ spec:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
extendedClientCheck:
- description: "Mandate the client certificate contains a client flag in the extended key usage section, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `true` for OpenShift)."
+ description: "Mandate the client certificate contains a client flag in the extended key usage section,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `true` for OpenShift)."
type: "boolean"
host:
- description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given, the servers binds to every network interface (default `\"*\"`)."
+ description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given,\nthe servers binds to every network interface (default `\"*\"`)."
type: "string"
options:
- description: "A list of additional Jolokia options as defined in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]"
+ description: "A list of additional Jolokia options as defined\nin https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]"
items:
type: "string"
type: "array"
@@ -2341,7 +2353,7 @@ spec:
description: "Additional JVM classpath (use `Linux` classpath separator)"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
debug:
@@ -2365,7 +2377,7 @@ spec:
type: "string"
type: "array"
printCommand:
- description: "Prints the command used the start the JVM in the container logs (default `true`) Deprecated: no longer in use."
+ description: "Prints the command used the start the JVM in the container logs (default `true`)\nDeprecated: no longer in use."
type: "boolean"
type: "object"
kamelets:
@@ -2375,7 +2387,7 @@ spec:
description: "Automatically inject all referenced Kamelets and their default configuration (enabled by default)"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2405,12 +2417,12 @@ spec:
description: "Enable automatic discovery of all trait properties."
type: "boolean"
channelSinks:
- description: "List of channels used as destination of integration routes. Can contain simple channel names or full Camel URIs."
+ description: "List of channels used as destination of integration routes.\nCan contain simple channel names or full Camel URIs."
items:
type: "string"
type: "array"
channelSources:
- description: "List of channels used as source of integration routes. Can contain simple channel names or full Camel URIs."
+ description: "List of channels used as source of integration routes.\nCan contain simple channel names or full Camel URIs."
items:
type: "string"
type: "array"
@@ -2418,14 +2430,14 @@ spec:
description: "Can be used to inject a Knative complete configuration in JSON format."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
endpointSinks:
- description: "List of endpoints used as destination of integration routes. Can contain simple endpoint names or full Camel URIs."
+ description: "List of endpoints used as destination of integration routes.\nCan contain simple endpoint names or full Camel URIs."
items:
type: "string"
type: "array"
@@ -2435,31 +2447,31 @@ spec:
type: "string"
type: "array"
eventSinks:
- description: "List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker)."
+ description: "List of event types that the integration will produce.\nCan contain simple event types or full Camel URIs (to use a specific broker)."
items:
type: "string"
type: "array"
eventSources:
- description: "List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from \"default\")."
+ description: "List of event types that the integration will be subscribed to.\nCan contain simple event types or full Camel URIs (to use a specific broker different from \"default\")."
items:
type: "string"
type: "array"
filterEventType:
- description: "Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)"
+ description: "Enables the default filtering for the Knative trigger using the event type\nIf this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)"
type: "boolean"
filterSourceChannels:
- description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of Knative, filtering is disabled by default."
+ description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of\nKnative, filtering is disabled by default."
type: "boolean"
filters:
- description: "Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., `source=\"my.source\"`. Filter attributes get set on the Knative trigger that is being created as part of this integration."
+ description: "Sets filter attributes on the event stream (such as event type, source, subject and so on).\nA list of key-value pairs that represent filter attributes and its values.\nThe syntax is KEY=VALUE, e.g., `source=\"my.source\"`.\nFilter attributes get set on the Knative trigger that is being created as part of this integration."
items:
type: "string"
type: "array"
namespaceLabel:
- description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)"
+ description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace\nAs Knative requires this label to perform injection of K_SINK URL into the service.\nIf this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)"
type: "boolean"
sinkBinding:
- description: "Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source)."
+ description: "Allows binding the integration to a sink via a Knative SinkBinding resource.\nThis can be used when the integration targets a single sink.\nIt's enabled by default when the integration targets a single sink\n(except when the integration is owned by a Knative source)."
type: "boolean"
type: "object"
knative-service:
@@ -2468,45 +2480,45 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to route. This can be used to set knative service specific annotations CLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\""
+ description: "The annotations added to route.\nThis can be used to set knative service specific annotations\nCLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\""
type: "object"
auto:
- description: "Automatically deploy the integration as Knative service when all conditions hold: \n * Integration is using the Knative profile * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)"
+ description: "Automatically deploy the integration as Knative service when all conditions hold:\n\n\n* Integration is using the Knative profile\n* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)"
type: "boolean"
autoscalingMetric:
- description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). \n Refer to the Knative documentation for more information."
+ description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).\n\n\nRefer to the Knative documentation for more information."
type: "string"
autoscalingTarget:
- description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. \n Refer to the Knative documentation for more information."
+ description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
class:
- description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). \n Refer to the Knative documentation for more information."
+ description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).\n\n\nRefer to the Knative documentation for more information."
enum:
- "kpa.autoscaling.knative.dev"
- "hpa.autoscaling.knative.dev"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
maxScale:
- description: "An upper bound for the number of Pods that can be running in parallel for the integration. Knative has its own cap value that depends on the installation. \n Refer to the Knative documentation for more information."
+ description: "An upper bound for the number of Pods that can be running in parallel for the integration.\nKnative has its own cap value that depends on the installation.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
minScale:
- description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that the integration is scaled down to zero when not used for a configured amount of time. \n Refer to the Knative documentation for more information."
+ description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that\nthe integration is scaled down to zero when not used for a configured amount of time.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
rolloutDuration:
- description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration. It's disabled by default and must be expressed as a Golang `time.Duration` string representation, rounded to a second precision."
+ description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration.\nIt's disabled by default and must be expressed as a Golang `time.Duration` string representation,\nrounded to a second precision."
type: "string"
timeoutSeconds:
- description: "The maximum duration in seconds that the request instance is allowed to respond to a request. This field propagates to the integration pod's terminationGracePeriodSeconds \n Refer to the Knative documentation for more information."
+ description: "The maximum duration in seconds that the request instance is allowed to respond to a request.\nThis field propagates to the integration pod's terminationGracePeriodSeconds\n\n\nRefer to the Knative documentation for more information."
format: "int64"
type: "integer"
visibility:
- description: "Setting `cluster-local`, Knative service becomes a private service. Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. \n Refer to the Knative documentation for more information."
+ description: "Setting `cluster-local`, Knative service becomes a private service.\nSpecifically, this option applies the `networking.knative.dev/visibility` label to Knative service.\n\n\nRefer to the Knative documentation for more information."
enum:
- "cluster-local"
type: "string"
@@ -2518,7 +2530,7 @@ spec:
description: "Colorize the log output"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2557,12 +2569,12 @@ spec:
description: "The configuration of Mount trait"
properties:
configs:
- description: "A list of configuration pointing to configmap/secret. The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. They are also made available on the classpath in order to ease their usage directly from the Route. Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered"
+ description: "A list of configuration pointing to configmap/secret.\nThe configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.\nThey are also made available on the classpath in order to ease their usage directly from the Route.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered"
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
emptyDirs:
@@ -2574,15 +2586,15 @@ spec:
description: "Deprecated: no longer in use."
type: "boolean"
hotReload:
- description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for changes in metadata."
+ description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be\nmarked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for\nchanges in metadata."
type: "boolean"
resources:
- description: "A list of resources (text or binary content) pointing to configmap/secret. The resources are expected to be any resource type (text or binary content). The destination path can be either a default location or any path specified by the user. Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path"
+ description: "A list of resources (text or binary content) pointing to configmap/secret.\nThe resources are expected to be any resource type (text or binary content).\nThe destination path can be either a default location or any path specified by the user.\nSyntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path"
items:
type: "string"
type: "array"
scanKameletsImplicitLabelSecrets:
- description: "Deprecated: include your properties in an explicit property file backed by a secret. Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`. These secrets are mounted to the application and treated as plain properties file with their key/value list (ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)."
+ description: "Deprecated: include your properties in an explicit property file backed by a secret.\nLet the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.\nThese secrets are mounted to the application and treated as plain properties file with their key/value list\n(ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)."
type: "boolean"
volumes:
description: "A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]"
@@ -2594,12 +2606,12 @@ spec:
description: "The configuration of OpenAPI trait"
properties:
configmaps:
- description: "The configmaps holding the spec of the OpenAPI"
+ description: "The configmaps holding the spec of the OpenAPI (compatible with > 3.0 spec only)."
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2610,7 +2622,7 @@ spec:
description: "The configuration of Owner trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2631,44 +2643,44 @@ spec:
description: "The configuration of PDB trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
maxUnavailable:
- description: "The number of pods for the Integration that can be unavailable after an eviction. It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). Only one of `max-unavailable` and `min-available` can be specified."
+ description: "The number of pods for the Integration that can be unavailable after an eviction.\nIt can be either an absolute number or a percentage (default `1` if `min-available` is also not set).\nOnly one of `max-unavailable` and `min-available` can be specified."
type: "string"
minAvailable:
- description: "The number of pods for the Integration that must still be available after an eviction. It can be either an absolute number or a percentage. Only one of `min-available` and `max-unavailable` can be specified."
+ description: "The number of pods for the Integration that must still be available after an eviction.\nIt can be either an absolute number or a percentage.\nOnly one of `min-available` and `max-unavailable` can be specified."
type: "string"
type: "object"
platform:
description: "The configuration of Platform trait"
properties:
auto:
- description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
createDefault:
- description: "To create a default (empty) platform when the platform is missing. Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "To create a default (empty) platform when the platform is missing.\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
enabled:
description: "Deprecated: no longer in use."
type: "boolean"
global:
- description: "Indicates if the platform should be created globally in the case of global operator (default true). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "Indicates if the platform should be created globally in the case of global operator (default true).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
type: "object"
pod:
description: "The configuration of Pod trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2679,7 +2691,7 @@ spec:
description: "The configuration of Prometheus trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2701,7 +2713,7 @@ spec:
description: "Automatically configures the platform registry secret on the pod if it is of type `kubernetes.io/dockerconfigjson`."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2718,7 +2730,7 @@ spec:
description: "The configuration of Quarkus trait"
properties:
buildMode:
- description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`). In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, with the `native` kit having precedence over the `jvm` one once ready."
+ description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`).\nIn case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,\nwith the `native` kit having precedence over the `jvm` one once ready."
items:
description: "QuarkusMode is the type of Quarkus build packaging."
enum:
@@ -2727,7 +2739,7 @@ spec:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2740,9 +2752,9 @@ spec:
description: "The image containing the tooling required for a native build (by default it will use the one provided in the runtime catalog)"
type: "string"
packageTypes:
- description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, with the native kit having precedence over the `fast-jar` one once ready. The order influences the resolution of the current kit for the integration. The kit corresponding to the first package type will be assigned to the integration in case no existing kit that matches the integration exists. Deprecated: use `build-mode` instead."
+ description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).\nIn case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,\nwith the native kit having precedence over the `fast-jar` one once ready.\nThe order influences the resolution of the current kit for the integration.\nThe kit corresponding to the first package type will be assigned to the\nintegration in case no existing kit that matches the integration exists.\nDeprecated: use `build-mode` instead."
items:
- description: "QuarkusPackageType is the type of Quarkus build packaging. Deprecated: use `QuarkusMode` instead."
+ description: "QuarkusPackageType is the type of Quarkus build packaging.\nDeprecated: use `QuarkusMode` instead."
enum:
- "fast-jar"
- "native"
@@ -2750,10 +2762,10 @@ spec:
type: "array"
type: "object"
registry:
- description: "The configuration of Registry trait Deprecated: use jvm trait or read documentation."
+ description: "The configuration of Registry trait (support removed since version 2.5.0).\nDeprecated: use jvm trait or read documentation."
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2766,10 +2778,10 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to route. This can be used to set route specific annotations For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations CLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\""
+ description: "The annotations added to route.\nThis can be used to set route specific annotations\nFor annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations\nCLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\""
type: "object"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2779,38 +2791,38 @@ spec:
description: "To configure the host exposed by the route."
type: "string"
tlsCACertificate:
- description: "The TLS CA certificate contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS CA certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCACertificateSecret:
- description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCertificate:
- description: "The TLS certificate contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCertificateSecret:
- description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsDestinationCACertificate:
- description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. \n Refer to the OpenShift route documentation for additional information."
+ description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsDestinationCACertificateSecret:
- description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsInsecureEdgeTerminationPolicy:
- description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. \n Refer to the OpenShift route documentation for additional information."
+ description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.\n\n\nRefer to the OpenShift route documentation for additional information."
enum:
- "None"
- "Allow"
- "Redirect"
type: "string"
tlsKey:
- description: "The TLS certificate key contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS certificate key contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsKeySecret:
- description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsTermination:
- description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`.\n\n\nRefer to the OpenShift route documentation for additional information."
enum:
- "edge"
- "reencrypt"
@@ -2821,7 +2833,7 @@ spec:
description: "The configuration of Security Context trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2848,14 +2860,14 @@ spec:
description: "To automatically detect from the code if a Service needs to be created."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
nodePort:
- description: "Enable Service to be exposed as NodePort (default `false`). Deprecated: Use service type instead."
+ description: "Enable Service to be exposed as NodePort (default `false`).\nDeprecated: Use service type instead."
type: "boolean"
type:
description: "The type of service to be used, either 'ClusterIP', 'NodePort' or 'LoadBalancer'."
@@ -2869,7 +2881,7 @@ spec:
description: "The configuration of Service Binding trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -2895,7 +2907,7 @@ spec:
description: "The configuration of Toleration trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrations.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrations.yaml
index f0341feb3..2ea2cd3e1 100644
--- a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrations.yaml
+++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrations.yaml
@@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.6.1"
- labels:
- app: "camel-k"
+ controller-gen.kubebuilder.io/version: "v0.15.0"
name: "integrations.camel.apache.org"
spec:
group: "camel.apache.org"
@@ -51,10 +49,10 @@ spec:
description: "Integration is the Schema for the integrations API."
properties:
apiVersion:
- description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
+ description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
type: "string"
kind:
- description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
metadata:
type: "object"
@@ -62,7 +60,7 @@ spec:
description: "the desired Integration specification"
properties:
configuration:
- description: "Deprecated: Use camel trait (camel.properties) to manage properties Use mount trait (mount.configs) to manage configs Use mount trait (mount.resources) to manage resources Use mount trait (mount.volumes) to manage volumes"
+ description: "Deprecated:\nUse camel trait (camel.properties) to manage properties\nUse mount trait (mount.configs) to manage configs\nUse mount trait (mount.resources) to manage resources\nUse mount trait (mount.volumes) to manage volumes"
items:
description: "ConfigurationSpec represents a generic configuration specification."
properties:
@@ -96,24 +94,25 @@ spec:
description: "API version of the referent."
type: "string"
fieldPath:
- description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future."
+ description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future."
type: "string"
kind:
- description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
type: "string"
namespace:
- description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
+ description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
type: "string"
resourceVersion:
- description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
+ description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
type: "string"
uid:
- description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
+ description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
profile:
description: "the profile needed to run this Integration"
type: "string"
@@ -153,7 +152,7 @@ spec:
description: "True if the spec is generated from a Kamelet"
type: "boolean"
interceptors:
- description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources"
+ description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources"
items:
type: "string"
type: "array"
@@ -161,7 +160,7 @@ spec:
description: "specify which is the language (Camel DSL) used to interpret this source code"
type: "string"
loader:
- description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime"
+ description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime"
type: "string"
name:
description: "the name of the specification"
@@ -202,17 +201,17 @@ spec:
description: "A single application container that you want to run within a pod."
properties:
args:
- description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
command:
- description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
env:
- description: "List of environment variables to set in the container. Cannot be updated."
+ description: "List of environment variables to set in the container.\nCannot be updated."
items:
description: "EnvVar represents an environment variable present in a Container."
properties:
@@ -220,7 +219,7 @@ spec:
description: "Name of the environment variable. Must be a C_IDENTIFIER."
type: "string"
value:
- description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"."
+ description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
type: "string"
valueFrom:
description: "Source for the environment variable's value. Cannot be used if value is not empty."
@@ -232,7 +231,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -240,8 +239,9 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
fieldRef:
- description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
+ description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
properties:
apiVersion:
description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
@@ -252,8 +252,9 @@ spec:
required:
- "fieldPath"
type: "object"
+ x-kubernetes-map-type: "atomic"
resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
+ description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
properties:
containerName:
description: "Container name: required for volumes, optional for env vars"
@@ -271,6 +272,7 @@ spec:
required:
- "resource"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret in the pod's namespace"
properties:
@@ -278,7 +280,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -286,13 +288,14 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
required:
- "name"
type: "object"
type: "array"
envFrom:
- description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated."
+ description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
items:
description: "EnvFromSource represents the source of a set of ConfigMaps"
properties:
@@ -300,12 +303,13 @@ spec:
description: "The ConfigMap to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
prefix:
description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER."
type: "string"
@@ -313,31 +317,32 @@ spec:
description: "The Secret to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
image:
- description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets."
+ description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets."
type: "string"
imagePullPolicy:
- description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
+ description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
type: "string"
lifecycle:
- description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated."
+ description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated."
properties:
postStart:
- description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -346,7 +351,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -354,7 +359,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -371,10 +376,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -390,7 +395,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -399,20 +404,20 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
type: "object"
preStop:
- description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -421,7 +426,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -429,7 +434,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -446,10 +451,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -465,7 +470,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -474,7 +479,7 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
@@ -482,19 +487,19 @@ spec:
type: "object"
type: "object"
livenessProbe:
- description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -505,7 +510,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -514,7 +519,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -522,7 +527,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -539,24 +544,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -569,45 +574,45 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
name:
- description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated."
+ description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated."
type: "string"
ports:
- description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated."
+ description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated."
items:
description: "ContainerPort represents a network port in a single container."
properties:
containerPort:
- description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536."
+ description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536."
format: "int32"
type: "integer"
hostIP:
description: "What host IP to bind the external port to."
type: "string"
hostPort:
- description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this."
+ description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this."
format: "int32"
type: "integer"
name:
- description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services."
+ description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services."
type: "string"
protocol:
default: "TCP"
- description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"."
+ description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"."
type: "string"
required:
- "containerPort"
@@ -618,19 +623,19 @@ spec:
- "protocol"
x-kubernetes-list-type: "map"
readinessProbe:
- description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -641,7 +646,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -650,7 +655,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -658,7 +663,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -675,24 +680,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -705,17 +710,17 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
@@ -725,10 +730,10 @@ spec:
description: "ContainerResizePolicy represents resource resize policy for the container."
properties:
resourceName:
- description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory."
+ description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory."
type: "string"
restartPolicy:
- description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired."
+ description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired."
type: "string"
required:
- "resourceName"
@@ -737,15 +742,15 @@ spec:
type: "array"
x-kubernetes-list-type: "atomic"
resources:
- description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
properties:
claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
+ description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
items:
description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
properties:
name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container."
+ description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
type: "string"
required:
- "name"
@@ -761,7 +766,7 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
requests:
additionalProperties:
@@ -770,20 +775,20 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
type: "object"
restartPolicy:
- description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed."
+ description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted."
type: "string"
securityContext:
- description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
+ description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
properties:
allowPrivilegeEscalation:
- description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows."
+ description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
capabilities:
- description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows."
+ description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
properties:
add:
description: "Added capabilities"
@@ -799,27 +804,27 @@ spec:
type: "array"
type: "object"
privileged:
- description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
procMount:
- description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows."
+ description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows."
type: "string"
readOnlyRootFilesystem:
- description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
runAsGroup:
- description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
runAsNonRoot:
- description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "boolean"
runAsUser:
- description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
seLinuxOptions:
- description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
properties:
level:
description: "Level is SELinux level label that applies to the container."
@@ -835,48 +840,48 @@ spec:
type: "string"
type: "object"
seccompProfile:
- description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows."
+ description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows."
properties:
localhostProfile:
- description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type."
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
type: "string"
type:
- description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
type: "string"
required:
- "type"
type: "object"
windowsOptions:
- description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux."
+ description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
properties:
gmsaCredentialSpec:
- description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field."
+ description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
type: "string"
gmsaCredentialSpecName:
description: "GMSACredentialSpecName is the name of the GMSA credential spec to use."
type: "string"
hostProcess:
- description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true."
+ description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
type: "boolean"
runAsUserName:
- description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "string"
type: "object"
type: "object"
startupProbe:
- description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -887,7 +892,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -896,7 +901,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -904,7 +909,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -921,24 +926,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -951,34 +956,34 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
stdin:
- description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false."
+ description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false."
type: "boolean"
stdinOnce:
- description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false"
+ description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false"
type: "boolean"
terminationMessagePath:
- description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated."
+ description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated."
type: "string"
terminationMessagePolicy:
- description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated."
+ description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated."
type: "string"
tty:
- description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false."
+ description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false."
type: "boolean"
volumeDevices:
description: "volumeDevices is the list of block devices to be used by the container."
@@ -997,27 +1002,27 @@ spec:
type: "object"
type: "array"
volumeMounts:
- description: "Pod volumes to mount into the container's filesystem. Cannot be updated."
+ description: "Pod volumes to mount into the container's filesystem.\nCannot be updated."
items:
description: "VolumeMount describes a mounting of a Volume within a container."
properties:
mountPath:
- description: "Path within the container at which the volume should be mounted. Must not contain ':'."
+ description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'."
type: "string"
mountPropagation:
- description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10."
+ description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10."
type: "string"
name:
description: "This must match the Name of a Volume."
type: "string"
readOnly:
- description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false."
+ description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
type: "boolean"
subPath:
- description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)."
+ description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
type: "string"
subPathExpr:
- description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive."
+ description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive."
type: "string"
required:
- "mountPath"
@@ -1025,7 +1030,7 @@ spec:
type: "object"
type: "array"
workingDir:
- description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated."
+ description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated."
type: "string"
required:
- "name"
@@ -1037,20 +1042,20 @@ spec:
ephemeralContainers:
description: "EphemeralContainers"
items:
- description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for user-initiated activities such as debugging. Ephemeral containers have no resource or scheduling guarantees, and they will not be restarted when they exit or when a Pod is removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the Pod to exceed its resource allocation. \n To add an ephemeral container, use the ephemeralcontainers subresource of an existing Pod. Ephemeral containers may not be removed or restarted."
+ description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for\nuser-initiated activities such as debugging. Ephemeral containers have no resource or\nscheduling guarantees, and they will not be restarted when they exit or when a Pod is\nremoved or restarted. The kubelet may evict a Pod if an ephemeral container causes the\nPod to exceed its resource allocation.\n\n\nTo add an ephemeral container, use the ephemeralcontainers subresource of an existing\nPod. Ephemeral containers may not be removed or restarted."
properties:
args:
- description: "Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Arguments to the entrypoint.\nThe image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
command:
- description: "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Entrypoint array. Not executed within a shell.\nThe image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
env:
- description: "List of environment variables to set in the container. Cannot be updated."
+ description: "List of environment variables to set in the container.\nCannot be updated."
items:
description: "EnvVar represents an environment variable present in a Container."
properties:
@@ -1058,7 +1063,7 @@ spec:
description: "Name of the environment variable. Must be a C_IDENTIFIER."
type: "string"
value:
- description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"."
+ description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
type: "string"
valueFrom:
description: "Source for the environment variable's value. Cannot be used if value is not empty."
@@ -1070,7 +1075,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -1078,8 +1083,9 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
fieldRef:
- description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
+ description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
properties:
apiVersion:
description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
@@ -1090,8 +1096,9 @@ spec:
required:
- "fieldPath"
type: "object"
+ x-kubernetes-map-type: "atomic"
resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
+ description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
properties:
containerName:
description: "Container name: required for volumes, optional for env vars"
@@ -1109,6 +1116,7 @@ spec:
required:
- "resource"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret in the pod's namespace"
properties:
@@ -1116,7 +1124,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1124,13 +1132,14 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
required:
- "name"
type: "object"
type: "array"
envFrom:
- description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated."
+ description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
items:
description: "EnvFromSource represents the source of a set of ConfigMaps"
properties:
@@ -1138,12 +1147,13 @@ spec:
description: "The ConfigMap to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
prefix:
description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER."
type: "string"
@@ -1151,31 +1161,32 @@ spec:
description: "The Secret to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
image:
- description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images"
+ description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images"
type: "string"
imagePullPolicy:
- description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
+ description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
type: "string"
lifecycle:
description: "Lifecycle is not allowed for ephemeral containers."
properties:
postStart:
- description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -1184,7 +1195,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -1192,7 +1203,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -1209,10 +1220,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -1228,7 +1239,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -1237,20 +1248,20 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
type: "object"
preStop:
- description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -1259,7 +1270,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -1267,7 +1278,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -1284,10 +1295,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -1303,7 +1314,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -1312,7 +1323,7 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
@@ -1326,13 +1337,13 @@ spec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -1343,7 +1354,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -1352,7 +1363,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -1360,7 +1371,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -1377,24 +1388,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -1407,22 +1418,22 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
name:
- description: "Name of the ephemeral container specified as a DNS_LABEL. This name must be unique among all containers, init containers and ephemeral containers."
+ description: "Name of the ephemeral container specified as a DNS_LABEL.\nThis name must be unique among all containers, init containers and ephemeral containers."
type: "string"
ports:
description: "Ports are not allowed for ephemeral containers."
@@ -1430,22 +1441,22 @@ spec:
description: "ContainerPort represents a network port in a single container."
properties:
containerPort:
- description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536."
+ description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536."
format: "int32"
type: "integer"
hostIP:
description: "What host IP to bind the external port to."
type: "string"
hostPort:
- description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this."
+ description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this."
format: "int32"
type: "integer"
name:
- description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services."
+ description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services."
type: "string"
protocol:
default: "TCP"
- description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"."
+ description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"."
type: "string"
required:
- "containerPort"
@@ -1462,13 +1473,13 @@ spec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -1479,7 +1490,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -1488,7 +1499,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -1496,7 +1507,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -1513,24 +1524,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -1543,17 +1554,17 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
@@ -1563,10 +1574,10 @@ spec:
description: "ContainerResizePolicy represents resource resize policy for the container."
properties:
resourceName:
- description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory."
+ description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory."
type: "string"
restartPolicy:
- description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired."
+ description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired."
type: "string"
required:
- "resourceName"
@@ -1575,15 +1586,15 @@ spec:
type: "array"
x-kubernetes-list-type: "atomic"
resources:
- description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod."
+ description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources\nalready allocated to the pod."
properties:
claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
+ description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
items:
description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
properties:
name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container."
+ description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
type: "string"
required:
- "name"
@@ -1599,7 +1610,7 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
requests:
additionalProperties:
@@ -1608,20 +1619,20 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
type: "object"
restartPolicy:
- description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers."
+ description: "Restart policy for the container to manage the restart behavior of each\ncontainer within a pod.\nThis may only be set for init containers. You cannot set this field on\nephemeral containers."
type: "string"
securityContext:
- description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext."
+ description: "Optional: SecurityContext defines the security options the ephemeral container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext."
properties:
allowPrivilegeEscalation:
- description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows."
+ description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
capabilities:
- description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows."
+ description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
properties:
add:
description: "Added capabilities"
@@ -1637,27 +1648,27 @@ spec:
type: "array"
type: "object"
privileged:
- description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
procMount:
- description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows."
+ description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows."
type: "string"
readOnlyRootFilesystem:
- description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
runAsGroup:
- description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
runAsNonRoot:
- description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "boolean"
runAsUser:
- description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
seLinuxOptions:
- description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
properties:
level:
description: "Level is SELinux level label that applies to the container."
@@ -1673,31 +1684,31 @@ spec:
type: "string"
type: "object"
seccompProfile:
- description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows."
+ description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows."
properties:
localhostProfile:
- description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type."
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
type: "string"
type:
- description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
type: "string"
required:
- "type"
type: "object"
windowsOptions:
- description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux."
+ description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
properties:
gmsaCredentialSpec:
- description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field."
+ description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
type: "string"
gmsaCredentialSpecName:
description: "GMSACredentialSpecName is the name of the GMSA credential spec to use."
type: "string"
hostProcess:
- description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true."
+ description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
type: "boolean"
runAsUserName:
- description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "string"
type: "object"
type: "object"
@@ -1708,13 +1719,13 @@ spec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -1725,7 +1736,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -1734,7 +1745,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -1742,7 +1753,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -1759,24 +1770,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -1789,37 +1800,37 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
stdin:
- description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false."
+ description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false."
type: "boolean"
stdinOnce:
- description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false"
+ description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false"
type: "boolean"
targetContainerName:
- description: "If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec. \n The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined."
+ description: "If set, the name of the container from PodSpec that this ephemeral container targets.\nThe ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.\nIf not set then the ephemeral container uses the namespaces configured in the Pod spec.\n\n\nThe container runtime must implement support for this feature. If the runtime does not\nsupport namespace targeting then the result of setting this field is undefined."
type: "string"
terminationMessagePath:
- description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated."
+ description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated."
type: "string"
terminationMessagePolicy:
- description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated."
+ description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated."
type: "string"
tty:
- description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false."
+ description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false."
type: "boolean"
volumeDevices:
description: "volumeDevices is the list of block devices to be used by the container."
@@ -1838,27 +1849,27 @@ spec:
type: "object"
type: "array"
volumeMounts:
- description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. Cannot be updated."
+ description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.\nCannot be updated."
items:
description: "VolumeMount describes a mounting of a Volume within a container."
properties:
mountPath:
- description: "Path within the container at which the volume should be mounted. Must not contain ':'."
+ description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'."
type: "string"
mountPropagation:
- description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10."
+ description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10."
type: "string"
name:
description: "This must match the Name of a Volume."
type: "string"
readOnly:
- description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false."
+ description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
type: "boolean"
subPath:
- description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)."
+ description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
type: "string"
subPathExpr:
- description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive."
+ description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive."
type: "string"
required:
- "mountPath"
@@ -1866,7 +1877,7 @@ spec:
type: "object"
type: "array"
workingDir:
- description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated."
+ description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated."
type: "string"
required:
- "name"
@@ -1878,17 +1889,17 @@ spec:
description: "A single application container that you want to run within a pod."
properties:
args:
- description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
command:
- description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
env:
- description: "List of environment variables to set in the container. Cannot be updated."
+ description: "List of environment variables to set in the container.\nCannot be updated."
items:
description: "EnvVar represents an environment variable present in a Container."
properties:
@@ -1896,7 +1907,7 @@ spec:
description: "Name of the environment variable. Must be a C_IDENTIFIER."
type: "string"
value:
- description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"."
+ description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
type: "string"
valueFrom:
description: "Source for the environment variable's value. Cannot be used if value is not empty."
@@ -1908,7 +1919,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -1916,8 +1927,9 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
fieldRef:
- description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
+ description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
properties:
apiVersion:
description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
@@ -1928,8 +1940,9 @@ spec:
required:
- "fieldPath"
type: "object"
+ x-kubernetes-map-type: "atomic"
resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
+ description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
properties:
containerName:
description: "Container name: required for volumes, optional for env vars"
@@ -1947,6 +1960,7 @@ spec:
required:
- "resource"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret in the pod's namespace"
properties:
@@ -1954,7 +1968,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1962,13 +1976,14 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
required:
- "name"
type: "object"
type: "array"
envFrom:
- description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated."
+ description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
items:
description: "EnvFromSource represents the source of a set of ConfigMaps"
properties:
@@ -1976,12 +1991,13 @@ spec:
description: "The ConfigMap to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
prefix:
description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER."
type: "string"
@@ -1989,31 +2005,32 @@ spec:
description: "The Secret to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
image:
- description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets."
+ description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets."
type: "string"
imagePullPolicy:
- description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
+ description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
type: "string"
lifecycle:
- description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated."
+ description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated."
properties:
postStart:
- description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -2022,7 +2039,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -2030,7 +2047,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -2047,10 +2064,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -2066,7 +2083,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -2075,20 +2092,20 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
type: "object"
preStop:
- description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -2097,7 +2114,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -2105,7 +2122,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -2122,10 +2139,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -2141,7 +2158,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -2150,7 +2167,7 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
@@ -2158,19 +2175,19 @@ spec:
type: "object"
type: "object"
livenessProbe:
- description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -2181,7 +2198,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -2190,7 +2207,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -2198,7 +2215,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -2215,24 +2232,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -2245,45 +2262,45 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
name:
- description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated."
+ description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated."
type: "string"
ports:
- description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated."
+ description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated."
items:
description: "ContainerPort represents a network port in a single container."
properties:
containerPort:
- description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536."
+ description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536."
format: "int32"
type: "integer"
hostIP:
description: "What host IP to bind the external port to."
type: "string"
hostPort:
- description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this."
+ description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this."
format: "int32"
type: "integer"
name:
- description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services."
+ description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services."
type: "string"
protocol:
default: "TCP"
- description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"."
+ description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"."
type: "string"
required:
- "containerPort"
@@ -2294,19 +2311,19 @@ spec:
- "protocol"
x-kubernetes-list-type: "map"
readinessProbe:
- description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -2317,7 +2334,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -2326,7 +2343,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -2334,7 +2351,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -2351,24 +2368,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -2381,17 +2398,17 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
@@ -2401,10 +2418,10 @@ spec:
description: "ContainerResizePolicy represents resource resize policy for the container."
properties:
resourceName:
- description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory."
+ description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory."
type: "string"
restartPolicy:
- description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired."
+ description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired."
type: "string"
required:
- "resourceName"
@@ -2413,15 +2430,15 @@ spec:
type: "array"
x-kubernetes-list-type: "atomic"
resources:
- description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
properties:
claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
+ description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
items:
description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
properties:
name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container."
+ description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
type: "string"
required:
- "name"
@@ -2437,7 +2454,7 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
requests:
additionalProperties:
@@ -2446,20 +2463,20 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
type: "object"
restartPolicy:
- description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed."
+ description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted."
type: "string"
securityContext:
- description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
+ description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
properties:
allowPrivilegeEscalation:
- description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows."
+ description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
capabilities:
- description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows."
+ description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
properties:
add:
description: "Added capabilities"
@@ -2475,27 +2492,27 @@ spec:
type: "array"
type: "object"
privileged:
- description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
procMount:
- description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows."
+ description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows."
type: "string"
readOnlyRootFilesystem:
- description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
runAsGroup:
- description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
runAsNonRoot:
- description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "boolean"
runAsUser:
- description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
seLinuxOptions:
- description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
properties:
level:
description: "Level is SELinux level label that applies to the container."
@@ -2511,48 +2528,48 @@ spec:
type: "string"
type: "object"
seccompProfile:
- description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows."
+ description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows."
properties:
localhostProfile:
- description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type."
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
type: "string"
type:
- description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
type: "string"
required:
- "type"
type: "object"
windowsOptions:
- description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux."
+ description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
properties:
gmsaCredentialSpec:
- description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field."
+ description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
type: "string"
gmsaCredentialSpecName:
description: "GMSACredentialSpecName is the name of the GMSA credential spec to use."
type: "string"
hostProcess:
- description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true."
+ description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
type: "boolean"
runAsUserName:
- description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "string"
type: "object"
type: "object"
startupProbe:
- description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -2563,7 +2580,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -2572,7 +2589,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -2580,7 +2597,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -2597,24 +2614,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -2627,34 +2644,34 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
stdin:
- description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false."
+ description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false."
type: "boolean"
stdinOnce:
- description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false"
+ description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false"
type: "boolean"
terminationMessagePath:
- description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated."
+ description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated."
type: "string"
terminationMessagePolicy:
- description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated."
+ description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated."
type: "string"
tty:
- description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false."
+ description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false."
type: "boolean"
volumeDevices:
description: "volumeDevices is the list of block devices to be used by the container."
@@ -2673,27 +2690,27 @@ spec:
type: "object"
type: "array"
volumeMounts:
- description: "Pod volumes to mount into the container's filesystem. Cannot be updated."
+ description: "Pod volumes to mount into the container's filesystem.\nCannot be updated."
items:
description: "VolumeMount describes a mounting of a Volume within a container."
properties:
mountPath:
- description: "Path within the container at which the volume should be mounted. Must not contain ':'."
+ description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'."
type: "string"
mountPropagation:
- description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10."
+ description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10."
type: "string"
name:
description: "This must match the Name of a Volume."
type: "string"
readOnly:
- description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false."
+ description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
type: "boolean"
subPath:
- description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)."
+ description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
type: "string"
subPathExpr:
- description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive."
+ description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive."
type: "string"
required:
- "mountPath"
@@ -2701,7 +2718,7 @@ spec:
type: "object"
type: "array"
workingDir:
- description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated."
+ description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated."
type: "string"
required:
- "name"
@@ -2719,25 +2736,25 @@ spec:
description: "PodSecurityContext"
properties:
fsGroup:
- description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows."
+ description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
fsGroupChangePolicy:
- description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows."
+ description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows."
type: "string"
runAsGroup:
- description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows."
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
runAsNonRoot:
- description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "boolean"
runAsUser:
- description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows."
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
seLinuxOptions:
- description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows."
+ description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows."
properties:
level:
description: "Level is SELinux level label that applies to the container."
@@ -2753,25 +2770,25 @@ spec:
type: "string"
type: "object"
seccompProfile:
- description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows."
+ description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows."
properties:
localhostProfile:
- description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type."
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
type: "string"
type:
- description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
type: "string"
required:
- "type"
type: "object"
supplementalGroups:
- description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows."
+ description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows."
items:
format: "int64"
type: "integer"
type: "array"
sysctls:
- description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows."
+ description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows."
items:
description: "Sysctl defines a kernel parameter to be set"
properties:
@@ -2787,19 +2804,19 @@ spec:
type: "object"
type: "array"
windowsOptions:
- description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux."
+ description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
properties:
gmsaCredentialSpec:
- description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field."
+ description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
type: "string"
gmsaCredentialSpecName:
description: "GMSACredentialSpecName is the name of the GMSA credential spec to use."
type: "string"
hostProcess:
- description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true."
+ description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
type: "boolean"
runAsUserName:
- description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "string"
type: "object"
type: "object"
@@ -2813,21 +2830,21 @@ spec:
description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology."
properties:
labelSelector:
- description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain."
+ description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values."
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
properties:
key:
description: "key is the label key that the selector applies to."
type: "string"
operator:
- description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist."
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
type: "string"
values:
- description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch."
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
items:
type: "string"
type: "array"
@@ -2839,34 +2856,35 @@ spec:
matchLabels:
additionalProperties:
type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
type: "object"
type: "object"
+ x-kubernetes-map-type: "atomic"
matchLabelKeys:
- description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
+ description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
items:
type: "string"
type: "array"
x-kubernetes-list-type: "atomic"
maxSkew:
- description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed."
+ description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed."
format: "int32"
type: "integer"
minDomains:
- description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
+ description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
format: "int32"
type: "integer"
nodeAffinityPolicy:
- description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
+ description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
type: "string"
nodeTaintsPolicy:
- description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
+ description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
type: "string"
topologyKey:
- description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field."
+ description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field."
type: "string"
whenUnsatisfiable:
- description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field."
+ description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field."
type: "string"
required:
- "maxSkew"
@@ -2880,20 +2898,20 @@ spec:
description: "Volume represents a named volume in a pod that may be accessed by any container in the pod."
properties:
awsElasticBlockStore:
- description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
+ description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
properties:
fsType:
- description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine"
+ description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine"
type: "string"
partition:
- description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)."
+ description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)."
format: "int32"
type: "integer"
readOnly:
- description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
+ description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
type: "boolean"
volumeID:
- description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
+ description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
type: "string"
required:
- "volumeID"
@@ -2911,13 +2929,13 @@ spec:
description: "diskURI is the URI of data disk in the blob storage"
type: "string"
fsType:
- description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
+ description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
type: "string"
kind:
description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared"
type: "string"
readOnly:
- description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
required:
- "diskName"
@@ -2927,7 +2945,7 @@ spec:
description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod."
properties:
readOnly:
- description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
secretName:
description: "secretName is the name of secret that contains Azure Storage Account Name and Key"
@@ -2943,7 +2961,7 @@ spec:
description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime"
properties:
monitors:
- description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
+ description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
items:
type: "string"
type: "array"
@@ -2951,42 +2969,44 @@ spec:
description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /"
type: "string"
readOnly:
- description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
+ description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
type: "boolean"
secretFile:
- description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
+ description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
type: "string"
secretRef:
- description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
+ description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
user:
- description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
+ description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
type: "string"
required:
- "monitors"
type: "object"
cinder:
- description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md"
+ description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
properties:
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md"
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
type: "string"
readOnly:
- description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md"
+ description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
type: "boolean"
secretRef:
- description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack."
+ description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
volumeID:
- description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md"
+ description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
type: "string"
required:
- "volumeID"
@@ -2995,11 +3015,11 @@ spec:
description: "configMap represents a configMap that should populate this volume"
properties:
defaultMode:
- description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
items:
- description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'."
+ description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
items:
description: "Maps a string key to a path within a volume."
properties:
@@ -3007,11 +3027,11 @@ spec:
description: "key is the key to project."
type: "string"
mode:
- description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
- description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."
+ description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
type: "string"
required:
- "key"
@@ -3019,35 +3039,37 @@ spec:
type: "object"
type: "array"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "optional specify whether the ConfigMap or its keys must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
csi:
description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)."
properties:
driver:
- description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster."
+ description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster."
type: "string"
fsType:
- description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply."
+ description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply."
type: "string"
nodePublishSecretRef:
- description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed."
+ description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
readOnly:
- description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)."
+ description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)."
type: "boolean"
volumeAttributes:
additionalProperties:
type: "string"
- description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values."
+ description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values."
type: "object"
required:
- "driver"
@@ -3056,7 +3078,7 @@ spec:
description: "downwardAPI represents downward API about the pod that should populate this volume"
properties:
defaultMode:
- description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
items:
@@ -3076,15 +3098,16 @@ spec:
required:
- "fieldPath"
type: "object"
+ x-kubernetes-map-type: "atomic"
mode:
- description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'"
type: "string"
resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
+ description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
properties:
containerName:
description: "Container name: required for volumes, optional for env vars"
@@ -3102,47 +3125,48 @@ spec:
required:
- "resource"
type: "object"
+ x-kubernetes-map-type: "atomic"
required:
- "path"
type: "object"
type: "array"
type: "object"
emptyDir:
- description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
+ description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
properties:
medium:
- description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
+ description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
type: "string"
sizeLimit:
anyOf:
- type: "integer"
- type: "string"
- description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
+ description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
type: "object"
ephemeral:
- description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time."
+ description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time."
properties:
volumeClaimTemplate:
- description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
+ description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil."
properties:
metadata:
- description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation."
+ description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation."
type: "object"
spec:
- description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here."
+ description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here."
properties:
accessModes:
- description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1"
+ description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1"
items:
type: "string"
type: "array"
dataSource:
- description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource."
+ description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource."
properties:
apiGroup:
- description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required."
+ description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required."
type: "string"
kind:
description: "Kind is the type of resource being referenced"
@@ -3154,11 +3178,12 @@ spec:
- "kind"
- "name"
type: "object"
+ x-kubernetes-map-type: "atomic"
dataSourceRef:
- description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
+ description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
properties:
apiGroup:
- description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required."
+ description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required."
type: "string"
kind:
description: "Kind is the type of resource being referenced"
@@ -3167,14 +3192,14 @@ spec:
description: "Name is the name of resource being referenced"
type: "string"
namespace:
- description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
+ description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
type: "string"
required:
- "kind"
- "name"
type: "object"
resources:
- description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
+ description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
limits:
additionalProperties:
@@ -3183,7 +3208,7 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
requests:
additionalProperties:
@@ -3192,7 +3217,7 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
type: "object"
selector:
@@ -3201,16 +3226,16 @@ spec:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values."
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
properties:
key:
description: "key is the label key that the selector applies to."
type: "string"
operator:
- description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist."
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
type: "string"
values:
- description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch."
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
items:
type: "string"
type: "array"
@@ -3222,17 +3247,18 @@ spec:
matchLabels:
additionalProperties:
type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
type: "object"
type: "object"
+ x-kubernetes-map-type: "atomic"
storageClassName:
- description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
+ description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
volumeAttributesClassName:
- description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
type: "string"
volumeMode:
- description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec."
+ description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
volumeName:
description: "volumeName is the binding reference to the PersistentVolume backing this claim."
@@ -3246,14 +3272,14 @@ spec:
description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod."
properties:
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine"
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine"
type: "string"
lun:
description: "lun is Optional: FC target lun number"
format: "int32"
type: "integer"
readOnly:
- description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
targetWWNs:
description: "targetWWNs is Optional: FC target worldwide names (WWNs)"
@@ -3261,19 +3287,19 @@ spec:
type: "string"
type: "array"
wwids:
- description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously."
+ description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously."
items:
type: "string"
type: "array"
type: "object"
flexVolume:
- description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin."
+ description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin."
properties:
driver:
description: "driver is the name of the driver to use for this volume."
type: "string"
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script."
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script."
type: "string"
options:
additionalProperties:
@@ -3281,15 +3307,16 @@ spec:
description: "options is Optional: this field holds extra command options if any."
type: "object"
readOnly:
- description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
secretRef:
- description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts."
+ description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
required:
- "driver"
type: "object"
@@ -3297,36 +3324,36 @@ spec:
description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running"
properties:
datasetName:
- description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated"
+ description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated"
type: "string"
datasetUUID:
description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset"
type: "string"
type: "object"
gcePersistentDisk:
- description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
+ description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
properties:
fsType:
- description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine"
+ description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine"
type: "string"
partition:
- description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
+ description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
format: "int32"
type: "integer"
pdName:
- description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
+ description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
type: "string"
readOnly:
- description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
+ description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
type: "boolean"
required:
- "pdName"
type: "object"
gitRepo:
- description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container."
+ description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container."
properties:
directory:
- description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name."
+ description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name."
type: "string"
repository:
description: "repository is the URL"
@@ -3338,35 +3365,35 @@ spec:
- "repository"
type: "object"
glusterfs:
- description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md"
+ description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md"
properties:
endpoints:
- description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
+ description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
type: "string"
path:
- description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
+ description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
type: "string"
readOnly:
- description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
+ description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
type: "boolean"
required:
- "endpoints"
- "path"
type: "object"
hostPath:
- description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write."
+ description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write."
properties:
path:
- description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
+ description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
type: "string"
type:
- description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
+ description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
type: "string"
required:
- "path"
type: "object"
iscsi:
- description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md"
+ description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md"
properties:
chapAuthDiscovery:
description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication"
@@ -3375,38 +3402,39 @@ spec:
description: "chapAuthSession defines whether support iSCSI Session CHAP authentication"
type: "boolean"
fsType:
- description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine"
+ description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine"
type: "string"
initiatorName:
- description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection."
+ description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection."
type: "string"
iqn:
description: "iqn is the target iSCSI Qualified Name."
type: "string"
iscsiInterface:
- description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)."
+ description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)."
type: "string"
lun:
description: "lun represents iSCSI Target Lun number."
format: "int32"
type: "integer"
portals:
- description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)."
+ description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)."
items:
type: "string"
type: "array"
readOnly:
- description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false."
+ description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false."
type: "boolean"
secretRef:
description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
targetPortal:
- description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)."
+ description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)."
type: "string"
required:
- "iqn"
@@ -3414,32 +3442,32 @@ spec:
- "targetPortal"
type: "object"
name:
- description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
+ description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
type: "string"
nfs:
- description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
+ description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
properties:
path:
- description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
+ description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
type: "string"
readOnly:
- description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
+ description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
type: "boolean"
server:
- description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
+ description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
type: "string"
required:
- "path"
- "server"
type: "object"
persistentVolumeClaim:
- description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
+ description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
properties:
claimName:
- description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
+ description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
type: "string"
readOnly:
- description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false."
+ description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false."
type: "boolean"
required:
- "claimName"
@@ -3448,7 +3476,7 @@ spec:
description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine"
properties:
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
type: "string"
pdID:
description: "pdID is the ID that identifies Photon Controller persistent disk"
@@ -3460,10 +3488,10 @@ spec:
description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine"
properties:
fsType:
- description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified."
+ description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified."
type: "string"
readOnly:
- description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
volumeID:
description: "volumeID uniquely identifies a Portworx volume"
@@ -3475,7 +3503,7 @@ spec:
description: "projected items for all in one resources secrets, configmaps, and downward API"
properties:
defaultMode:
- description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
sources:
@@ -3484,24 +3512,24 @@ spec:
description: "Projection that may be projected along with other supported volume types"
properties:
clusterTrustBundle:
- description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. \n Alpha, gated by the ClusterTrustBundleProjection feature gate. \n ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. \n Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time."
+ description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time."
properties:
labelSelector:
- description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\"."
+ description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values."
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
properties:
key:
description: "key is the label key that the selector applies to."
type: "string"
operator:
- description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist."
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
type: "string"
values:
- description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch."
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
items:
type: "string"
type: "array"
@@ -3513,20 +3541,21 @@ spec:
matchLabels:
additionalProperties:
type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
type: "object"
type: "object"
+ x-kubernetes-map-type: "atomic"
name:
- description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector."
+ description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector."
type: "string"
optional:
- description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles."
+ description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles."
type: "boolean"
path:
description: "Relative path from the volume root to write the bundle."
type: "string"
signerName:
- description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated."
+ description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated."
type: "string"
required:
- "path"
@@ -3535,7 +3564,7 @@ spec:
description: "configMap information about the configMap data to project"
properties:
items:
- description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'."
+ description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
items:
description: "Maps a string key to a path within a volume."
properties:
@@ -3543,11 +3572,11 @@ spec:
description: "key is the key to project."
type: "string"
mode:
- description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
- description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."
+ description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
type: "string"
required:
- "key"
@@ -3555,12 +3584,13 @@ spec:
type: "object"
type: "array"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "optional specify whether the ConfigMap or its keys must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
downwardAPI:
description: "downwardAPI information about the downwardAPI data to project"
properties:
@@ -3581,15 +3611,16 @@ spec:
required:
- "fieldPath"
type: "object"
+ x-kubernetes-map-type: "atomic"
mode:
- description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'"
type: "string"
resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
+ description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
properties:
containerName:
description: "Container name: required for volumes, optional for env vars"
@@ -3607,6 +3638,7 @@ spec:
required:
- "resource"
type: "object"
+ x-kubernetes-map-type: "atomic"
required:
- "path"
type: "object"
@@ -3616,7 +3648,7 @@ spec:
description: "secret information about the secret data to project"
properties:
items:
- description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'."
+ description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
items:
description: "Maps a string key to a path within a volume."
properties:
@@ -3624,11 +3656,11 @@ spec:
description: "key is the key to project."
type: "string"
mode:
- description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
- description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."
+ description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
type: "string"
required:
- "key"
@@ -3636,24 +3668,25 @@ spec:
type: "object"
type: "array"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "optional field specify whether the Secret or its key must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
serviceAccountToken:
description: "serviceAccountToken is information about the serviceAccountToken data to project"
properties:
audience:
- description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver."
+ description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver."
type: "string"
expirationSeconds:
- description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes."
+ description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes."
format: "int64"
type: "integer"
path:
- description: "path is the path relative to the mount point of the file to project the token into."
+ description: "path is the path relative to the mount point of the file to project the\ntoken into."
type: "string"
required:
- "path"
@@ -3665,19 +3698,19 @@ spec:
description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime"
properties:
group:
- description: "group to map volume access to Default is no group"
+ description: "group to map volume access to\nDefault is no group"
type: "string"
readOnly:
- description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false."
+ description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false."
type: "boolean"
registry:
- description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes"
+ description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes"
type: "string"
tenant:
- description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin"
+ description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin"
type: "string"
user:
- description: "user to map volume access to Defaults to serivceaccount user"
+ description: "user to map volume access to\nDefaults to serivceaccount user"
type: "string"
volume:
description: "volume is a string that references an already created Quobyte volume by name."
@@ -3687,37 +3720,38 @@ spec:
- "volume"
type: "object"
rbd:
- description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md"
+ description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md"
properties:
fsType:
- description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine"
+ description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine"
type: "string"
image:
- description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
type: "string"
keyring:
- description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
type: "string"
monitors:
- description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
items:
type: "string"
type: "array"
pool:
- description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
type: "string"
readOnly:
- description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
type: "boolean"
secretRef:
- description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
user:
- description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
type: "string"
required:
- "image"
@@ -3727,7 +3761,7 @@ spec:
description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes."
properties:
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"."
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"."
type: "string"
gateway:
description: "gateway is the host address of the ScaleIO API Gateway."
@@ -3736,20 +3770,21 @@ spec:
description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage."
type: "string"
readOnly:
- description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
secretRef:
- description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail."
+ description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
sslEnabled:
description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false"
type: "boolean"
storageMode:
- description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned."
+ description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned."
type: "string"
storagePool:
description: "storagePool is the ScaleIO Storage Pool associated with the protection domain."
@@ -3758,7 +3793,7 @@ spec:
description: "system is the name of the storage system as configured in ScaleIO."
type: "string"
volumeName:
- description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source."
+ description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source."
type: "string"
required:
- "gateway"
@@ -3766,14 +3801,14 @@ spec:
- "system"
type: "object"
secret:
- description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
+ description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
properties:
defaultMode:
- description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
items:
- description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'."
+ description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
items:
description: "Maps a string key to a path within a volume."
properties:
@@ -3781,11 +3816,11 @@ spec:
description: "key is the key to project."
type: "string"
mode:
- description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
- description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."
+ description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
type: "string"
required:
- "key"
@@ -3796,37 +3831,38 @@ spec:
description: "optional field specify whether the Secret or its keys must be defined"
type: "boolean"
secretName:
- description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
+ description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
type: "string"
type: "object"
storageos:
description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes."
properties:
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
type: "string"
readOnly:
- description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
secretRef:
- description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted."
+ description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
volumeName:
- description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace."
+ description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace."
type: "string"
volumeNamespace:
- description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created."
+ description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created."
type: "string"
type: "object"
vsphereVolume:
description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine"
properties:
fsType:
- description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
+ description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
type: "string"
storagePolicyID:
description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName."
@@ -3872,7 +3908,7 @@ spec:
description: "The configuration of Affinity trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -3887,7 +3923,7 @@ spec:
description: "Always co-locates multiple replicas of the integration in the same node (default `false`)."
type: "boolean"
podAffinityLabels:
- description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should be co-located with."
+ description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should be co-located with."
items:
type: "string"
type: "array"
@@ -3895,7 +3931,7 @@ spec:
description: "Never co-locates multiple replicas of the integration in the same node (default `false`)."
type: "boolean"
podAntiAffinityLabels:
- description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should not be co-located with."
+ description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should not be co-located with."
items:
type: "string"
type: "array"
@@ -3909,10 +3945,10 @@ spec:
description: "When using `pod` strategy, annotation to use for the builder pod."
type: "object"
baseImage:
- description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK installed and ready to use on path (ie `/usr/bin/java`)."
+ description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK\ninstalled and ready to use on path (ie `/usr/bin/java`)."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -3922,13 +3958,13 @@ spec:
description: "Use the incremental image build option, to reuse existing containers (default `true`)"
type: "boolean"
limitCPU:
- description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
limitMemory:
- description: "When using `pod` strategy, the maximum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the maximum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
mavenProfiles:
- description: "A list of references pointing to configmaps/secrets that contains a maven profile. This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)."
+ description: "A list of references pointing to configmaps/secrets that contains a maven profile.\nThis configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.\nThe content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)."
items:
type: "string"
type: "array"
@@ -3955,10 +3991,10 @@ spec:
type: "string"
type: "array"
requestCPU:
- description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
requestMemory:
- description: "When using `pod` strategy, the minimum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the minimum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
strategy:
description: "The strategy to use, either `pod` or `routine` (default `routine`)"
@@ -3972,7 +4008,7 @@ spec:
type: "string"
type: "array"
tasksFilter:
- description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) if you need to execute them. Useful only with `pod` strategy."
+ description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.\nMind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)\nif you need to execute them. Useful only with `pod` strategy."
type: "string"
tasksLimitCPU:
description: "A list of limit cpu configuration for the specific task with format `:`."
@@ -3995,14 +4031,14 @@ spec:
type: "string"
type: "array"
verbose:
- description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod). Deprecated no longer in use"
+ description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod).\nDeprecated no longer in use"
type: "boolean"
type: "object"
camel:
description: "The configuration of Camel trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4014,7 +4050,7 @@ spec:
type: "string"
type: "array"
runtimeVersion:
- description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. You can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve to the best matching Catalog existing on the cluster."
+ description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster."
type: "string"
type: "object"
container:
@@ -4039,7 +4075,7 @@ spec:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4049,7 +4085,7 @@ spec:
description: "Can be used to enable/disable exposure via kubernetes Service."
type: "boolean"
image:
- description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit."
+ description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which\nwon't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead\nIntegration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit."
type: "string"
imagePullPolicy:
description: "The pull policy: Always|Never|IfNotPresent"
@@ -4103,41 +4139,41 @@ spec:
description: "The configuration of Cron trait"
properties:
activeDeadlineSeconds:
- description: "Specifies the duration in seconds, relative to the start time, that the job may be continuously active before it is considered to be failed. It defaults to 60s."
+ description: "Specifies the duration in seconds, relative to the start time, that the job\nmay be continuously active before it is considered to be failed.\nIt defaults to 60s."
format: "int64"
type: "integer"
auto:
- description: "Automatically deploy the integration as CronJob when all routes are either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). \n It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, while `35m` or `50s` cannot)."
+ description: "Automatically deploy the integration as CronJob when all routes are\neither starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).\n\n\nIt's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,\nwhile `35m` or `50s` cannot)."
type: "boolean"
backoffLimit:
- description: "Specifies the number of retries before marking the job failed. It defaults to 2."
+ description: "Specifies the number of retries before marking the job failed.\nIt defaults to 2."
format: "int32"
type: "integer"
components:
- description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is activated (it's present in the `org.apache.camel.k:camel-k-cron` library). \n Supported components are currently: `cron`, `timer` and `quartz`."
+ description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.\nA specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is\nactivated (it's present in the `org.apache.camel.k:camel-k-cron` library).\n\n\nSupported components are currently: `cron`, `timer` and `quartz`."
type: "string"
concurrencyPolicy:
- description: "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\": allows CronJobs to run concurrently; - \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one"
+ description: "Specifies how to treat concurrent executions of a Job.\nValid values are:\n- \"Allow\": allows CronJobs to run concurrently;\n- \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;\n- \"Replace\": cancels currently running job and replaces it with a new one"
enum:
- "Allow"
- "Forbid"
- "Replace"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
fallback:
- description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration as Kubernetes CronJob."
+ description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration\nas Kubernetes CronJob."
type: "boolean"
schedule:
- description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this mechanism to work correctly."
+ description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this\nmechanism to work correctly."
type: "string"
startingDeadlineSeconds:
- description: "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones."
+ description: "Optional deadline in seconds for starting the job if it misses scheduled\ntime for any reason. Missed jobs executions will be counted as failed ones."
format: "int64"
type: "integer"
timeZone:
@@ -4148,7 +4184,7 @@ spec:
description: "The configuration of Dependencies trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4159,7 +4195,7 @@ spec:
description: "The configuration of Deployer trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4173,34 +4209,34 @@ spec:
- "knative-service"
type: "string"
useSSA:
- description: "Use server-side apply to update the owned resources (default `true`). Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters."
+ description: "Use server-side apply to update the owned resources (default `true`).\nNote that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters."
type: "boolean"
type: "object"
deployment:
description: "The configuration of Deployment trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Deprecated: no longer in use."
type: "boolean"
progressDeadlineSeconds:
- description: "The maximum time in seconds for the deployment to make progress before it is considered to be failed. It defaults to `60s`."
+ description: "The maximum time in seconds for the deployment to make progress before it\nis considered to be failed. It defaults to `60s`."
format: "int32"
type: "integer"
rollingUpdateMaxSurge:
anyOf:
- type: "integer"
- type: "string"
- description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to `25%`."
+ description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to `25%`."
x-kubernetes-int-or-string: true
rollingUpdateMaxUnavailable:
anyOf:
- type: "integer"
- type: "string"
- description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to `25%`."
+ description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to `25%`."
x-kubernetes-int-or-string: true
strategy:
description: "The deployment strategy to use to replace existing pods with new ones."
@@ -4213,7 +4249,7 @@ spec:
description: "The configuration of Environment trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
containerMeta:
@@ -4226,7 +4262,7 @@ spec:
description: "Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and `NO_PROXY` environment variables (default `true`)"
type: "boolean"
vars:
- description: "A list of environment variables to be added to the integration container. The syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`. These take precedence over the previously defined environment variables."
+ description: "A list of environment variables to be added to the integration container.\nThe syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`.\nThese take precedence over the previously defined environment variables."
items:
type: "string"
type: "array"
@@ -4235,7 +4271,7 @@ spec:
description: "The configuration of Error Handler trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4249,11 +4285,11 @@ spec:
description: "The configuration of GC trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
discoveryCache:
- description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). Deprecated: to be removed from trait configuration."
+ description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration."
enum:
- "disabled"
- "disk"
@@ -4267,7 +4303,7 @@ spec:
description: "The configuration of Health trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4367,13 +4403,13 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to the ingress. This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md"
+ description: "The annotations added to the ingress.\nThis can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:\nSee https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md"
type: "object"
auto:
description: "To automatically add an ingress whenever the integration uses an HTTP endpoint consumer."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4386,7 +4422,7 @@ spec:
description: "To configure the path exposed by the ingress (default `/`)."
type: "string"
pathType:
- description: "To configure the path type exposed by the ingress. One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)."
+ description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)."
enum:
- "Exact"
- "Prefix"
@@ -4408,7 +4444,7 @@ spec:
description: "Configures a (comma-separated) list of CIDR subnets that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by default)."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4422,15 +4458,15 @@ spec:
description: "The configuration of Jolokia trait"
properties:
CACert:
- description: "The PEM encoded CA certification file path, used to verify client certificates, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)."
+ description: "The PEM encoded CA certification file path, used to verify client certificates,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)."
type: "string"
clientPrincipal:
- description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)."
+ description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)."
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
discoveryEnabled:
@@ -4440,13 +4476,13 @@ spec:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
extendedClientCheck:
- description: "Mandate the client certificate contains a client flag in the extended key usage section, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `true` for OpenShift)."
+ description: "Mandate the client certificate contains a client flag in the extended key usage section,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `true` for OpenShift)."
type: "boolean"
host:
- description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given, the servers binds to every network interface (default `\"*\"`)."
+ description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given,\nthe servers binds to every network interface (default `\"*\"`)."
type: "string"
options:
- description: "A list of additional Jolokia options as defined in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]"
+ description: "A list of additional Jolokia options as defined\nin https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]"
items:
type: "string"
type: "array"
@@ -4473,7 +4509,7 @@ spec:
description: "Additional JVM classpath (use `Linux` classpath separator)"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
debug:
@@ -4497,7 +4533,7 @@ spec:
type: "string"
type: "array"
printCommand:
- description: "Prints the command used the start the JVM in the container logs (default `true`) Deprecated: no longer in use."
+ description: "Prints the command used the start the JVM in the container logs (default `true`)\nDeprecated: no longer in use."
type: "boolean"
type: "object"
kamelets:
@@ -4507,7 +4543,7 @@ spec:
description: "Automatically inject all referenced Kamelets and their default configuration (enabled by default)"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4537,12 +4573,12 @@ spec:
description: "Enable automatic discovery of all trait properties."
type: "boolean"
channelSinks:
- description: "List of channels used as destination of integration routes. Can contain simple channel names or full Camel URIs."
+ description: "List of channels used as destination of integration routes.\nCan contain simple channel names or full Camel URIs."
items:
type: "string"
type: "array"
channelSources:
- description: "List of channels used as source of integration routes. Can contain simple channel names or full Camel URIs."
+ description: "List of channels used as source of integration routes.\nCan contain simple channel names or full Camel URIs."
items:
type: "string"
type: "array"
@@ -4550,14 +4586,14 @@ spec:
description: "Can be used to inject a Knative complete configuration in JSON format."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
endpointSinks:
- description: "List of endpoints used as destination of integration routes. Can contain simple endpoint names or full Camel URIs."
+ description: "List of endpoints used as destination of integration routes.\nCan contain simple endpoint names or full Camel URIs."
items:
type: "string"
type: "array"
@@ -4567,31 +4603,31 @@ spec:
type: "string"
type: "array"
eventSinks:
- description: "List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker)."
+ description: "List of event types that the integration will produce.\nCan contain simple event types or full Camel URIs (to use a specific broker)."
items:
type: "string"
type: "array"
eventSources:
- description: "List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from \"default\")."
+ description: "List of event types that the integration will be subscribed to.\nCan contain simple event types or full Camel URIs (to use a specific broker different from \"default\")."
items:
type: "string"
type: "array"
filterEventType:
- description: "Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)"
+ description: "Enables the default filtering for the Knative trigger using the event type\nIf this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)"
type: "boolean"
filterSourceChannels:
- description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of Knative, filtering is disabled by default."
+ description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of\nKnative, filtering is disabled by default."
type: "boolean"
filters:
- description: "Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., `source=\"my.source\"`. Filter attributes get set on the Knative trigger that is being created as part of this integration."
+ description: "Sets filter attributes on the event stream (such as event type, source, subject and so on).\nA list of key-value pairs that represent filter attributes and its values.\nThe syntax is KEY=VALUE, e.g., `source=\"my.source\"`.\nFilter attributes get set on the Knative trigger that is being created as part of this integration."
items:
type: "string"
type: "array"
namespaceLabel:
- description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)"
+ description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace\nAs Knative requires this label to perform injection of K_SINK URL into the service.\nIf this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)"
type: "boolean"
sinkBinding:
- description: "Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source)."
+ description: "Allows binding the integration to a sink via a Knative SinkBinding resource.\nThis can be used when the integration targets a single sink.\nIt's enabled by default when the integration targets a single sink\n(except when the integration is owned by a Knative source)."
type: "boolean"
type: "object"
knative-service:
@@ -4600,45 +4636,45 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to route. This can be used to set knative service specific annotations CLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\""
+ description: "The annotations added to route.\nThis can be used to set knative service specific annotations\nCLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\""
type: "object"
auto:
- description: "Automatically deploy the integration as Knative service when all conditions hold: \n * Integration is using the Knative profile * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)"
+ description: "Automatically deploy the integration as Knative service when all conditions hold:\n\n\n* Integration is using the Knative profile\n* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)"
type: "boolean"
autoscalingMetric:
- description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). \n Refer to the Knative documentation for more information."
+ description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).\n\n\nRefer to the Knative documentation for more information."
type: "string"
autoscalingTarget:
- description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. \n Refer to the Knative documentation for more information."
+ description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
class:
- description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). \n Refer to the Knative documentation for more information."
+ description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).\n\n\nRefer to the Knative documentation for more information."
enum:
- "kpa.autoscaling.knative.dev"
- "hpa.autoscaling.knative.dev"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
maxScale:
- description: "An upper bound for the number of Pods that can be running in parallel for the integration. Knative has its own cap value that depends on the installation. \n Refer to the Knative documentation for more information."
+ description: "An upper bound for the number of Pods that can be running in parallel for the integration.\nKnative has its own cap value that depends on the installation.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
minScale:
- description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that the integration is scaled down to zero when not used for a configured amount of time. \n Refer to the Knative documentation for more information."
+ description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that\nthe integration is scaled down to zero when not used for a configured amount of time.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
rolloutDuration:
- description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration. It's disabled by default and must be expressed as a Golang `time.Duration` string representation, rounded to a second precision."
+ description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration.\nIt's disabled by default and must be expressed as a Golang `time.Duration` string representation,\nrounded to a second precision."
type: "string"
timeoutSeconds:
- description: "The maximum duration in seconds that the request instance is allowed to respond to a request. This field propagates to the integration pod's terminationGracePeriodSeconds \n Refer to the Knative documentation for more information."
+ description: "The maximum duration in seconds that the request instance is allowed to respond to a request.\nThis field propagates to the integration pod's terminationGracePeriodSeconds\n\n\nRefer to the Knative documentation for more information."
format: "int64"
type: "integer"
visibility:
- description: "Setting `cluster-local`, Knative service becomes a private service. Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. \n Refer to the Knative documentation for more information."
+ description: "Setting `cluster-local`, Knative service becomes a private service.\nSpecifically, this option applies the `networking.knative.dev/visibility` label to Knative service.\n\n\nRefer to the Knative documentation for more information."
enum:
- "cluster-local"
type: "string"
@@ -4650,7 +4686,7 @@ spec:
description: "Colorize the log output"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4689,12 +4725,12 @@ spec:
description: "The configuration of Mount trait"
properties:
configs:
- description: "A list of configuration pointing to configmap/secret. The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. They are also made available on the classpath in order to ease their usage directly from the Route. Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered"
+ description: "A list of configuration pointing to configmap/secret.\nThe configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.\nThey are also made available on the classpath in order to ease their usage directly from the Route.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered"
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
emptyDirs:
@@ -4706,15 +4742,15 @@ spec:
description: "Deprecated: no longer in use."
type: "boolean"
hotReload:
- description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for changes in metadata."
+ description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be\nmarked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for\nchanges in metadata."
type: "boolean"
resources:
- description: "A list of resources (text or binary content) pointing to configmap/secret. The resources are expected to be any resource type (text or binary content). The destination path can be either a default location or any path specified by the user. Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path"
+ description: "A list of resources (text or binary content) pointing to configmap/secret.\nThe resources are expected to be any resource type (text or binary content).\nThe destination path can be either a default location or any path specified by the user.\nSyntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path"
items:
type: "string"
type: "array"
scanKameletsImplicitLabelSecrets:
- description: "Deprecated: include your properties in an explicit property file backed by a secret. Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`. These secrets are mounted to the application and treated as plain properties file with their key/value list (ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)."
+ description: "Deprecated: include your properties in an explicit property file backed by a secret.\nLet the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.\nThese secrets are mounted to the application and treated as plain properties file with their key/value list\n(ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)."
type: "boolean"
volumes:
description: "A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]"
@@ -4726,12 +4762,12 @@ spec:
description: "The configuration of OpenAPI trait"
properties:
configmaps:
- description: "The configmaps holding the spec of the OpenAPI"
+ description: "The configmaps holding the spec of the OpenAPI (compatible with > 3.0 spec only)."
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4742,7 +4778,7 @@ spec:
description: "The configuration of Owner trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4763,44 +4799,44 @@ spec:
description: "The configuration of PDB trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
maxUnavailable:
- description: "The number of pods for the Integration that can be unavailable after an eviction. It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). Only one of `max-unavailable` and `min-available` can be specified."
+ description: "The number of pods for the Integration that can be unavailable after an eviction.\nIt can be either an absolute number or a percentage (default `1` if `min-available` is also not set).\nOnly one of `max-unavailable` and `min-available` can be specified."
type: "string"
minAvailable:
- description: "The number of pods for the Integration that must still be available after an eviction. It can be either an absolute number or a percentage. Only one of `min-available` and `max-unavailable` can be specified."
+ description: "The number of pods for the Integration that must still be available after an eviction.\nIt can be either an absolute number or a percentage.\nOnly one of `min-available` and `max-unavailable` can be specified."
type: "string"
type: "object"
platform:
description: "The configuration of Platform trait"
properties:
auto:
- description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
createDefault:
- description: "To create a default (empty) platform when the platform is missing. Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "To create a default (empty) platform when the platform is missing.\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
enabled:
description: "Deprecated: no longer in use."
type: "boolean"
global:
- description: "Indicates if the platform should be created globally in the case of global operator (default true). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "Indicates if the platform should be created globally in the case of global operator (default true).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
type: "object"
pod:
description: "The configuration of Pod trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4811,7 +4847,7 @@ spec:
description: "The configuration of Prometheus trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4833,7 +4869,7 @@ spec:
description: "Automatically configures the platform registry secret on the pod if it is of type `kubernetes.io/dockerconfigjson`."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4850,7 +4886,7 @@ spec:
description: "The configuration of Quarkus trait"
properties:
buildMode:
- description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`). In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, with the `native` kit having precedence over the `jvm` one once ready."
+ description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`).\nIn case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,\nwith the `native` kit having precedence over the `jvm` one once ready."
items:
description: "QuarkusMode is the type of Quarkus build packaging."
enum:
@@ -4859,7 +4895,7 @@ spec:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4872,9 +4908,9 @@ spec:
description: "The image containing the tooling required for a native build (by default it will use the one provided in the runtime catalog)"
type: "string"
packageTypes:
- description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, with the native kit having precedence over the `fast-jar` one once ready. The order influences the resolution of the current kit for the integration. The kit corresponding to the first package type will be assigned to the integration in case no existing kit that matches the integration exists. Deprecated: use `build-mode` instead."
+ description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).\nIn case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,\nwith the native kit having precedence over the `fast-jar` one once ready.\nThe order influences the resolution of the current kit for the integration.\nThe kit corresponding to the first package type will be assigned to the\nintegration in case no existing kit that matches the integration exists.\nDeprecated: use `build-mode` instead."
items:
- description: "QuarkusPackageType is the type of Quarkus build packaging. Deprecated: use `QuarkusMode` instead."
+ description: "QuarkusPackageType is the type of Quarkus build packaging.\nDeprecated: use `QuarkusMode` instead."
enum:
- "fast-jar"
- "native"
@@ -4882,10 +4918,10 @@ spec:
type: "array"
type: "object"
registry:
- description: "The configuration of Registry trait Deprecated: use jvm trait or read documentation."
+ description: "The configuration of Registry trait (support removed since version 2.5.0).\nDeprecated: use jvm trait or read documentation."
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4898,10 +4934,10 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to route. This can be used to set route specific annotations For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations CLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\""
+ description: "The annotations added to route.\nThis can be used to set route specific annotations\nFor annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations\nCLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\""
type: "object"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4911,38 +4947,38 @@ spec:
description: "To configure the host exposed by the route."
type: "string"
tlsCACertificate:
- description: "The TLS CA certificate contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS CA certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCACertificateSecret:
- description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCertificate:
- description: "The TLS certificate contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCertificateSecret:
- description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsDestinationCACertificate:
- description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. \n Refer to the OpenShift route documentation for additional information."
+ description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsDestinationCACertificateSecret:
- description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsInsecureEdgeTerminationPolicy:
- description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. \n Refer to the OpenShift route documentation for additional information."
+ description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.\n\n\nRefer to the OpenShift route documentation for additional information."
enum:
- "None"
- "Allow"
- "Redirect"
type: "string"
tlsKey:
- description: "The TLS certificate key contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS certificate key contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsKeySecret:
- description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsTermination:
- description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`.\n\n\nRefer to the OpenShift route documentation for additional information."
enum:
- "edge"
- "reencrypt"
@@ -4953,7 +4989,7 @@ spec:
description: "The configuration of Security Context trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4980,14 +5016,14 @@ spec:
description: "To automatically detect from the code if a Service needs to be created."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
nodePort:
- description: "Enable Service to be exposed as NodePort (default `false`). Deprecated: Use service type instead."
+ description: "Enable Service to be exposed as NodePort (default `false`).\nDeprecated: Use service type instead."
type: "boolean"
type:
description: "The type of service to be used, either 'ClusterIP', 'NodePort' or 'LoadBalancer'."
@@ -5001,7 +5037,7 @@ spec:
description: "The configuration of Service Binding trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -5027,7 +5063,7 @@ spec:
description: "The configuration of Toleration trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -5101,10 +5137,10 @@ spec:
description: "Unique, one-word, CamelCase reason for the condition's last transition."
type: "string"
status:
- description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions"
+ description: "Status is the status of the condition.\nCan be True, False, Unknown.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions"
type: "string"
type:
- description: "Type is the type of the condition. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions"
+ description: "Type is the type of the condition.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions"
type: "string"
required:
- "status"
@@ -5114,7 +5150,7 @@ spec:
items:
properties:
data:
- description: "RawMessage is a raw encoded JSON value. It implements Marshaler and Unmarshaler and can be used to delay JSON decoding or precompute a JSON encoding."
+ description: "RawMessage is a raw encoded JSON value.\nIt implements Marshaler and Unmarshaler and can\nbe used to delay JSON decoding or precompute a JSON encoding."
x-kubernetes-preserve-unknown-fields: true
name:
type: "string"
@@ -5143,7 +5179,7 @@ spec:
type: "object"
type: "array"
configuration:
- description: "Deprecated: a list of configuration specification"
+ description: "Deprecated:\na list of configuration specification"
items:
description: "ConfigurationSpec represents a generic configuration specification."
properties:
@@ -5190,7 +5226,7 @@ spec:
description: "True if the spec is generated from a Kamelet"
type: "boolean"
interceptors:
- description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources"
+ description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources"
items:
type: "string"
type: "array"
@@ -5198,7 +5234,7 @@ spec:
description: "specify which is the language (Camel DSL) used to interpret this source code"
type: "string"
loader:
- description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime"
+ description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime"
type: "string"
name:
description: "the name of the specification"
@@ -5230,24 +5266,25 @@ spec:
description: "API version of the referent."
type: "string"
fieldPath:
- description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future."
+ description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future."
type: "string"
kind:
- description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
type: "string"
namespace:
- description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
+ description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
type: "string"
resourceVersion:
- description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
+ description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
type: "string"
uid:
- description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
+ description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
lastInitTimestamp:
description: "the timestamp representing the last time when this integration was initialized."
format: "date-time"
diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/kamelets.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/kamelets.yaml
index f7a98bd35..5ccdbbdcc 100644
--- a/crd-catalog/apache/camel-k/camel.apache.org/v1/kamelets.yaml
+++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/kamelets.yaml
@@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.6.1"
- labels:
- app: "camel-k"
+ controller-gen.kubebuilder.io/version: "v0.15.0"
name: "kamelets.camel.apache.org"
spec:
group: "camel.apache.org"
@@ -31,10 +29,10 @@ spec:
description: "Kamelet is the Schema for the kamelets API."
properties:
apiVersion:
- description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
+ description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
type: "string"
kind:
- description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
metadata:
type: "object"
@@ -109,7 +107,7 @@ spec:
description:
type: "string"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
externalDocs:
description: "ExternalDocumentation allows referencing an external resource for extended documentation."
@@ -133,18 +131,18 @@ spec:
type: "string"
enum:
items:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
type: "array"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
exclusiveMaximum:
type: "boolean"
exclusiveMinimum:
type: "boolean"
format:
- description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
+ description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
type: "string"
id:
type: "string"
@@ -219,7 +217,7 @@ spec:
description:
type: "string"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
externalDocs:
description: "ExternalDocumentation allows referencing an external resource for extended documentation."
@@ -243,18 +241,18 @@ spec:
type: "string"
enum:
items:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
type: "array"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
exclusiveMaximum:
type: "boolean"
exclusiveMinimum:
type: "boolean"
format:
- description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
+ description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
type: "string"
id:
type: "string"
@@ -340,7 +338,7 @@ spec:
description: "True if the spec is generated from a Kamelet"
type: "boolean"
interceptors:
- description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources"
+ description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources"
items:
type: "string"
type: "array"
@@ -348,7 +346,7 @@ spec:
description: "specify which is the language (Camel DSL) used to interpret this source code"
type: "string"
loader:
- description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime"
+ description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime"
type: "string"
name:
description: "the name of the specification"
@@ -376,7 +374,7 @@ spec:
x-kubernetes-preserve-unknown-fields: true
types:
additionalProperties:
- description: "EventTypeSpec represents a specification for an event type. Deprecated: In favor of using DataTypeSpec."
+ description: "EventTypeSpec represents a specification for an event type.\nDeprecated: In favor of using DataTypeSpec."
properties:
mediaType:
description: "media type as expected for HTTP media types (ie, application/json)"
@@ -390,7 +388,7 @@ spec:
description:
type: "string"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
externalDocs:
description: "ExternalDocumentation allows referencing an external resource for extended documentation."
@@ -414,18 +412,18 @@ spec:
type: "string"
enum:
items:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
type: "array"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
exclusiveMaximum:
type: "boolean"
exclusiveMinimum:
type: "boolean"
format:
- description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
+ description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
type: "string"
id:
type: "string"
@@ -483,13 +481,13 @@ spec:
type: "string"
type: "object"
type: "object"
- description: "data specification types for the events consumed/produced by the Kamelet Deprecated: In favor of using DataTypes"
+ description: "data specification types for the events consumed/produced by the Kamelet\nDeprecated: In favor of using DataTypes"
type: "object"
type: "object"
status:
default:
phase: "Ready"
- description: "the actual status of the resource Deprecated no longer in use"
+ description: "the actual status of the resource\nDeprecated no longer in use"
properties:
conditions:
description: "Conditions --"
diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/pipes.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/pipes.yaml
index 3257ad9fb..2f47e9b89 100644
--- a/crd-catalog/apache/camel-k/camel.apache.org/v1/pipes.yaml
+++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/pipes.yaml
@@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.6.1"
- labels:
- app: "camel-k"
+ controller-gen.kubebuilder.io/version: "v0.15.0"
name: "pipes.camel.apache.org"
spec:
group: "camel.apache.org"
@@ -35,10 +33,10 @@ spec:
description: "Pipe is the Schema for the Pipe API."
properties:
apiVersion:
- description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
+ description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
type: "string"
kind:
- description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
metadata:
type: "object"
@@ -50,10 +48,10 @@ spec:
type: "object"
x-kubernetes-preserve-unknown-fields: true
integration:
- description: "Integration is an optional integration used to specify custom parameters Deprecated don't use this. Use trait annotations if you need to change any cluster configuration."
+ description: "Integration is an optional integration used to specify custom parameters\nDeprecated don't use this. Use trait annotations if you need to change any cluster configuration."
properties:
configuration:
- description: "Deprecated: Use camel trait (camel.properties) to manage properties Use mount trait (mount.configs) to manage configs Use mount trait (mount.resources) to manage resources Use mount trait (mount.volumes) to manage volumes"
+ description: "Deprecated:\nUse camel trait (camel.properties) to manage properties\nUse mount trait (mount.configs) to manage configs\nUse mount trait (mount.resources) to manage resources\nUse mount trait (mount.volumes) to manage volumes"
items:
description: "ConfigurationSpec represents a generic configuration specification."
properties:
@@ -87,24 +85,25 @@ spec:
description: "API version of the referent."
type: "string"
fieldPath:
- description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future."
+ description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future."
type: "string"
kind:
- description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
type: "string"
namespace:
- description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
+ description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
type: "string"
resourceVersion:
- description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
+ description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
type: "string"
uid:
- description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
+ description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
profile:
description: "the profile needed to run this Integration"
type: "string"
@@ -144,7 +143,7 @@ spec:
description: "True if the spec is generated from a Kamelet"
type: "boolean"
interceptors:
- description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources"
+ description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources"
items:
type: "string"
type: "array"
@@ -152,7 +151,7 @@ spec:
description: "specify which is the language (Camel DSL) used to interpret this source code"
type: "string"
loader:
- description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime"
+ description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime"
type: "string"
name:
description: "the name of the specification"
@@ -193,17 +192,17 @@ spec:
description: "A single application container that you want to run within a pod."
properties:
args:
- description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
command:
- description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
env:
- description: "List of environment variables to set in the container. Cannot be updated."
+ description: "List of environment variables to set in the container.\nCannot be updated."
items:
description: "EnvVar represents an environment variable present in a Container."
properties:
@@ -211,7 +210,7 @@ spec:
description: "Name of the environment variable. Must be a C_IDENTIFIER."
type: "string"
value:
- description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"."
+ description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
type: "string"
valueFrom:
description: "Source for the environment variable's value. Cannot be used if value is not empty."
@@ -223,7 +222,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -231,8 +230,9 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
fieldRef:
- description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
+ description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
properties:
apiVersion:
description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
@@ -243,8 +243,9 @@ spec:
required:
- "fieldPath"
type: "object"
+ x-kubernetes-map-type: "atomic"
resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
+ description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
properties:
containerName:
description: "Container name: required for volumes, optional for env vars"
@@ -262,6 +263,7 @@ spec:
required:
- "resource"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret in the pod's namespace"
properties:
@@ -269,7 +271,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -277,13 +279,14 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
required:
- "name"
type: "object"
type: "array"
envFrom:
- description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated."
+ description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
items:
description: "EnvFromSource represents the source of a set of ConfigMaps"
properties:
@@ -291,12 +294,13 @@ spec:
description: "The ConfigMap to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
prefix:
description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER."
type: "string"
@@ -304,31 +308,32 @@ spec:
description: "The Secret to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
image:
- description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets."
+ description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets."
type: "string"
imagePullPolicy:
- description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
+ description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
type: "string"
lifecycle:
- description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated."
+ description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated."
properties:
postStart:
- description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -337,7 +342,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -345,7 +350,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -362,10 +367,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -381,7 +386,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -390,20 +395,20 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
type: "object"
preStop:
- description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -412,7 +417,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -420,7 +425,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -437,10 +442,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -456,7 +461,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -465,7 +470,7 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
@@ -473,19 +478,19 @@ spec:
type: "object"
type: "object"
livenessProbe:
- description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -496,7 +501,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -505,7 +510,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -513,7 +518,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -530,24 +535,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -560,45 +565,45 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
name:
- description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated."
+ description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated."
type: "string"
ports:
- description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated."
+ description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated."
items:
description: "ContainerPort represents a network port in a single container."
properties:
containerPort:
- description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536."
+ description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536."
format: "int32"
type: "integer"
hostIP:
description: "What host IP to bind the external port to."
type: "string"
hostPort:
- description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this."
+ description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this."
format: "int32"
type: "integer"
name:
- description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services."
+ description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services."
type: "string"
protocol:
default: "TCP"
- description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"."
+ description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"."
type: "string"
required:
- "containerPort"
@@ -609,19 +614,19 @@ spec:
- "protocol"
x-kubernetes-list-type: "map"
readinessProbe:
- description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -632,7 +637,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -641,7 +646,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -649,7 +654,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -666,24 +671,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -696,17 +701,17 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
@@ -716,10 +721,10 @@ spec:
description: "ContainerResizePolicy represents resource resize policy for the container."
properties:
resourceName:
- description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory."
+ description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory."
type: "string"
restartPolicy:
- description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired."
+ description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired."
type: "string"
required:
- "resourceName"
@@ -728,15 +733,15 @@ spec:
type: "array"
x-kubernetes-list-type: "atomic"
resources:
- description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
properties:
claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
+ description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
items:
description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
properties:
name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container."
+ description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
type: "string"
required:
- "name"
@@ -752,7 +757,7 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
requests:
additionalProperties:
@@ -761,20 +766,20 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
type: "object"
restartPolicy:
- description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed."
+ description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted."
type: "string"
securityContext:
- description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
+ description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
properties:
allowPrivilegeEscalation:
- description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows."
+ description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
capabilities:
- description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows."
+ description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
properties:
add:
description: "Added capabilities"
@@ -790,27 +795,27 @@ spec:
type: "array"
type: "object"
privileged:
- description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
procMount:
- description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows."
+ description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows."
type: "string"
readOnlyRootFilesystem:
- description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
runAsGroup:
- description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
runAsNonRoot:
- description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "boolean"
runAsUser:
- description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
seLinuxOptions:
- description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
properties:
level:
description: "Level is SELinux level label that applies to the container."
@@ -826,48 +831,48 @@ spec:
type: "string"
type: "object"
seccompProfile:
- description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows."
+ description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows."
properties:
localhostProfile:
- description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type."
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
type: "string"
type:
- description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
type: "string"
required:
- "type"
type: "object"
windowsOptions:
- description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux."
+ description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
properties:
gmsaCredentialSpec:
- description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field."
+ description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
type: "string"
gmsaCredentialSpecName:
description: "GMSACredentialSpecName is the name of the GMSA credential spec to use."
type: "string"
hostProcess:
- description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true."
+ description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
type: "boolean"
runAsUserName:
- description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "string"
type: "object"
type: "object"
startupProbe:
- description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -878,7 +883,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -887,7 +892,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -895,7 +900,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -912,24 +917,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -942,34 +947,34 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
stdin:
- description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false."
+ description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false."
type: "boolean"
stdinOnce:
- description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false"
+ description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false"
type: "boolean"
terminationMessagePath:
- description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated."
+ description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated."
type: "string"
terminationMessagePolicy:
- description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated."
+ description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated."
type: "string"
tty:
- description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false."
+ description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false."
type: "boolean"
volumeDevices:
description: "volumeDevices is the list of block devices to be used by the container."
@@ -988,27 +993,27 @@ spec:
type: "object"
type: "array"
volumeMounts:
- description: "Pod volumes to mount into the container's filesystem. Cannot be updated."
+ description: "Pod volumes to mount into the container's filesystem.\nCannot be updated."
items:
description: "VolumeMount describes a mounting of a Volume within a container."
properties:
mountPath:
- description: "Path within the container at which the volume should be mounted. Must not contain ':'."
+ description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'."
type: "string"
mountPropagation:
- description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10."
+ description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10."
type: "string"
name:
description: "This must match the Name of a Volume."
type: "string"
readOnly:
- description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false."
+ description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
type: "boolean"
subPath:
- description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)."
+ description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
type: "string"
subPathExpr:
- description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive."
+ description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive."
type: "string"
required:
- "mountPath"
@@ -1016,7 +1021,7 @@ spec:
type: "object"
type: "array"
workingDir:
- description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated."
+ description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated."
type: "string"
required:
- "name"
@@ -1028,20 +1033,20 @@ spec:
ephemeralContainers:
description: "EphemeralContainers"
items:
- description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for user-initiated activities such as debugging. Ephemeral containers have no resource or scheduling guarantees, and they will not be restarted when they exit or when a Pod is removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the Pod to exceed its resource allocation. \n To add an ephemeral container, use the ephemeralcontainers subresource of an existing Pod. Ephemeral containers may not be removed or restarted."
+ description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for\nuser-initiated activities such as debugging. Ephemeral containers have no resource or\nscheduling guarantees, and they will not be restarted when they exit or when a Pod is\nremoved or restarted. The kubelet may evict a Pod if an ephemeral container causes the\nPod to exceed its resource allocation.\n\n\nTo add an ephemeral container, use the ephemeralcontainers subresource of an existing\nPod. Ephemeral containers may not be removed or restarted."
properties:
args:
- description: "Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Arguments to the entrypoint.\nThe image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
command:
- description: "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Entrypoint array. Not executed within a shell.\nThe image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
env:
- description: "List of environment variables to set in the container. Cannot be updated."
+ description: "List of environment variables to set in the container.\nCannot be updated."
items:
description: "EnvVar represents an environment variable present in a Container."
properties:
@@ -1049,7 +1054,7 @@ spec:
description: "Name of the environment variable. Must be a C_IDENTIFIER."
type: "string"
value:
- description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"."
+ description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
type: "string"
valueFrom:
description: "Source for the environment variable's value. Cannot be used if value is not empty."
@@ -1061,7 +1066,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -1069,8 +1074,9 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
fieldRef:
- description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
+ description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
properties:
apiVersion:
description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
@@ -1081,8 +1087,9 @@ spec:
required:
- "fieldPath"
type: "object"
+ x-kubernetes-map-type: "atomic"
resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
+ description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
properties:
containerName:
description: "Container name: required for volumes, optional for env vars"
@@ -1100,6 +1107,7 @@ spec:
required:
- "resource"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret in the pod's namespace"
properties:
@@ -1107,7 +1115,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1115,13 +1123,14 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
required:
- "name"
type: "object"
type: "array"
envFrom:
- description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated."
+ description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
items:
description: "EnvFromSource represents the source of a set of ConfigMaps"
properties:
@@ -1129,12 +1138,13 @@ spec:
description: "The ConfigMap to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
prefix:
description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER."
type: "string"
@@ -1142,31 +1152,32 @@ spec:
description: "The Secret to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
image:
- description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images"
+ description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images"
type: "string"
imagePullPolicy:
- description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
+ description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
type: "string"
lifecycle:
description: "Lifecycle is not allowed for ephemeral containers."
properties:
postStart:
- description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -1175,7 +1186,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -1183,7 +1194,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -1200,10 +1211,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -1219,7 +1230,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -1228,20 +1239,20 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
type: "object"
preStop:
- description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -1250,7 +1261,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -1258,7 +1269,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -1275,10 +1286,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -1294,7 +1305,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -1303,7 +1314,7 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
@@ -1317,13 +1328,13 @@ spec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -1334,7 +1345,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -1343,7 +1354,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -1351,7 +1362,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -1368,24 +1379,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -1398,22 +1409,22 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
name:
- description: "Name of the ephemeral container specified as a DNS_LABEL. This name must be unique among all containers, init containers and ephemeral containers."
+ description: "Name of the ephemeral container specified as a DNS_LABEL.\nThis name must be unique among all containers, init containers and ephemeral containers."
type: "string"
ports:
description: "Ports are not allowed for ephemeral containers."
@@ -1421,22 +1432,22 @@ spec:
description: "ContainerPort represents a network port in a single container."
properties:
containerPort:
- description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536."
+ description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536."
format: "int32"
type: "integer"
hostIP:
description: "What host IP to bind the external port to."
type: "string"
hostPort:
- description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this."
+ description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this."
format: "int32"
type: "integer"
name:
- description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services."
+ description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services."
type: "string"
protocol:
default: "TCP"
- description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"."
+ description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"."
type: "string"
required:
- "containerPort"
@@ -1453,13 +1464,13 @@ spec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -1470,7 +1481,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -1479,7 +1490,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -1487,7 +1498,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -1504,24 +1515,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -1534,17 +1545,17 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
@@ -1554,10 +1565,10 @@ spec:
description: "ContainerResizePolicy represents resource resize policy for the container."
properties:
resourceName:
- description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory."
+ description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory."
type: "string"
restartPolicy:
- description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired."
+ description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired."
type: "string"
required:
- "resourceName"
@@ -1566,15 +1577,15 @@ spec:
type: "array"
x-kubernetes-list-type: "atomic"
resources:
- description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod."
+ description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources\nalready allocated to the pod."
properties:
claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
+ description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
items:
description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
properties:
name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container."
+ description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
type: "string"
required:
- "name"
@@ -1590,7 +1601,7 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
requests:
additionalProperties:
@@ -1599,20 +1610,20 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
type: "object"
restartPolicy:
- description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers."
+ description: "Restart policy for the container to manage the restart behavior of each\ncontainer within a pod.\nThis may only be set for init containers. You cannot set this field on\nephemeral containers."
type: "string"
securityContext:
- description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext."
+ description: "Optional: SecurityContext defines the security options the ephemeral container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext."
properties:
allowPrivilegeEscalation:
- description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows."
+ description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
capabilities:
- description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows."
+ description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
properties:
add:
description: "Added capabilities"
@@ -1628,27 +1639,27 @@ spec:
type: "array"
type: "object"
privileged:
- description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
procMount:
- description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows."
+ description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows."
type: "string"
readOnlyRootFilesystem:
- description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
runAsGroup:
- description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
runAsNonRoot:
- description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "boolean"
runAsUser:
- description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
seLinuxOptions:
- description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
properties:
level:
description: "Level is SELinux level label that applies to the container."
@@ -1664,31 +1675,31 @@ spec:
type: "string"
type: "object"
seccompProfile:
- description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows."
+ description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows."
properties:
localhostProfile:
- description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type."
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
type: "string"
type:
- description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
type: "string"
required:
- "type"
type: "object"
windowsOptions:
- description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux."
+ description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
properties:
gmsaCredentialSpec:
- description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field."
+ description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
type: "string"
gmsaCredentialSpecName:
description: "GMSACredentialSpecName is the name of the GMSA credential spec to use."
type: "string"
hostProcess:
- description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true."
+ description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
type: "boolean"
runAsUserName:
- description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "string"
type: "object"
type: "object"
@@ -1699,13 +1710,13 @@ spec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -1716,7 +1727,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -1725,7 +1736,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -1733,7 +1744,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -1750,24 +1761,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -1780,37 +1791,37 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
stdin:
- description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false."
+ description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false."
type: "boolean"
stdinOnce:
- description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false"
+ description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false"
type: "boolean"
targetContainerName:
- description: "If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec. \n The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined."
+ description: "If set, the name of the container from PodSpec that this ephemeral container targets.\nThe ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.\nIf not set then the ephemeral container uses the namespaces configured in the Pod spec.\n\n\nThe container runtime must implement support for this feature. If the runtime does not\nsupport namespace targeting then the result of setting this field is undefined."
type: "string"
terminationMessagePath:
- description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated."
+ description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated."
type: "string"
terminationMessagePolicy:
- description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated."
+ description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated."
type: "string"
tty:
- description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false."
+ description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false."
type: "boolean"
volumeDevices:
description: "volumeDevices is the list of block devices to be used by the container."
@@ -1829,27 +1840,27 @@ spec:
type: "object"
type: "array"
volumeMounts:
- description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. Cannot be updated."
+ description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.\nCannot be updated."
items:
description: "VolumeMount describes a mounting of a Volume within a container."
properties:
mountPath:
- description: "Path within the container at which the volume should be mounted. Must not contain ':'."
+ description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'."
type: "string"
mountPropagation:
- description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10."
+ description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10."
type: "string"
name:
description: "This must match the Name of a Volume."
type: "string"
readOnly:
- description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false."
+ description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
type: "boolean"
subPath:
- description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)."
+ description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
type: "string"
subPathExpr:
- description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive."
+ description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive."
type: "string"
required:
- "mountPath"
@@ -1857,7 +1868,7 @@ spec:
type: "object"
type: "array"
workingDir:
- description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated."
+ description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated."
type: "string"
required:
- "name"
@@ -1869,17 +1880,17 @@ spec:
description: "A single application container that you want to run within a pod."
properties:
args:
- description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
command:
- description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
env:
- description: "List of environment variables to set in the container. Cannot be updated."
+ description: "List of environment variables to set in the container.\nCannot be updated."
items:
description: "EnvVar represents an environment variable present in a Container."
properties:
@@ -1887,7 +1898,7 @@ spec:
description: "Name of the environment variable. Must be a C_IDENTIFIER."
type: "string"
value:
- description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"."
+ description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
type: "string"
valueFrom:
description: "Source for the environment variable's value. Cannot be used if value is not empty."
@@ -1899,7 +1910,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -1907,8 +1918,9 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
fieldRef:
- description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
+ description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
properties:
apiVersion:
description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
@@ -1919,8 +1931,9 @@ spec:
required:
- "fieldPath"
type: "object"
+ x-kubernetes-map-type: "atomic"
resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
+ description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
properties:
containerName:
description: "Container name: required for volumes, optional for env vars"
@@ -1938,6 +1951,7 @@ spec:
required:
- "resource"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret in the pod's namespace"
properties:
@@ -1945,7 +1959,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1953,13 +1967,14 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
required:
- "name"
type: "object"
type: "array"
envFrom:
- description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated."
+ description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
items:
description: "EnvFromSource represents the source of a set of ConfigMaps"
properties:
@@ -1967,12 +1982,13 @@ spec:
description: "The ConfigMap to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
prefix:
description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER."
type: "string"
@@ -1980,31 +1996,32 @@ spec:
description: "The Secret to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
image:
- description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets."
+ description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets."
type: "string"
imagePullPolicy:
- description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
+ description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
type: "string"
lifecycle:
- description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated."
+ description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated."
properties:
postStart:
- description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -2013,7 +2030,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -2021,7 +2038,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -2038,10 +2055,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -2057,7 +2074,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -2066,20 +2083,20 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
type: "object"
preStop:
- description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -2088,7 +2105,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -2096,7 +2113,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -2113,10 +2130,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -2132,7 +2149,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -2141,7 +2158,7 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
@@ -2149,19 +2166,19 @@ spec:
type: "object"
type: "object"
livenessProbe:
- description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -2172,7 +2189,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -2181,7 +2198,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -2189,7 +2206,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -2206,24 +2223,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -2236,45 +2253,45 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
name:
- description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated."
+ description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated."
type: "string"
ports:
- description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated."
+ description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated."
items:
description: "ContainerPort represents a network port in a single container."
properties:
containerPort:
- description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536."
+ description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536."
format: "int32"
type: "integer"
hostIP:
description: "What host IP to bind the external port to."
type: "string"
hostPort:
- description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this."
+ description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this."
format: "int32"
type: "integer"
name:
- description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services."
+ description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services."
type: "string"
protocol:
default: "TCP"
- description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"."
+ description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"."
type: "string"
required:
- "containerPort"
@@ -2285,19 +2302,19 @@ spec:
- "protocol"
x-kubernetes-list-type: "map"
readinessProbe:
- description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -2308,7 +2325,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -2317,7 +2334,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -2325,7 +2342,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -2342,24 +2359,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -2372,17 +2389,17 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
@@ -2392,10 +2409,10 @@ spec:
description: "ContainerResizePolicy represents resource resize policy for the container."
properties:
resourceName:
- description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory."
+ description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory."
type: "string"
restartPolicy:
- description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired."
+ description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired."
type: "string"
required:
- "resourceName"
@@ -2404,15 +2421,15 @@ spec:
type: "array"
x-kubernetes-list-type: "atomic"
resources:
- description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
properties:
claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
+ description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
items:
description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
properties:
name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container."
+ description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
type: "string"
required:
- "name"
@@ -2428,7 +2445,7 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
requests:
additionalProperties:
@@ -2437,20 +2454,20 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
type: "object"
restartPolicy:
- description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed."
+ description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted."
type: "string"
securityContext:
- description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
+ description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
properties:
allowPrivilegeEscalation:
- description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows."
+ description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
capabilities:
- description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows."
+ description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
properties:
add:
description: "Added capabilities"
@@ -2466,27 +2483,27 @@ spec:
type: "array"
type: "object"
privileged:
- description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
procMount:
- description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows."
+ description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows."
type: "string"
readOnlyRootFilesystem:
- description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
runAsGroup:
- description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
runAsNonRoot:
- description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "boolean"
runAsUser:
- description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
seLinuxOptions:
- description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
properties:
level:
description: "Level is SELinux level label that applies to the container."
@@ -2502,48 +2519,48 @@ spec:
type: "string"
type: "object"
seccompProfile:
- description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows."
+ description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows."
properties:
localhostProfile:
- description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type."
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
type: "string"
type:
- description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
type: "string"
required:
- "type"
type: "object"
windowsOptions:
- description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux."
+ description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
properties:
gmsaCredentialSpec:
- description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field."
+ description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
type: "string"
gmsaCredentialSpecName:
description: "GMSACredentialSpecName is the name of the GMSA credential spec to use."
type: "string"
hostProcess:
- description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true."
+ description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
type: "boolean"
runAsUserName:
- description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "string"
type: "object"
type: "object"
startupProbe:
- description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -2554,7 +2571,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -2563,7 +2580,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -2571,7 +2588,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -2588,24 +2605,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -2618,34 +2635,34 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
stdin:
- description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false."
+ description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false."
type: "boolean"
stdinOnce:
- description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false"
+ description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false"
type: "boolean"
terminationMessagePath:
- description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated."
+ description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated."
type: "string"
terminationMessagePolicy:
- description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated."
+ description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated."
type: "string"
tty:
- description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false."
+ description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false."
type: "boolean"
volumeDevices:
description: "volumeDevices is the list of block devices to be used by the container."
@@ -2664,27 +2681,27 @@ spec:
type: "object"
type: "array"
volumeMounts:
- description: "Pod volumes to mount into the container's filesystem. Cannot be updated."
+ description: "Pod volumes to mount into the container's filesystem.\nCannot be updated."
items:
description: "VolumeMount describes a mounting of a Volume within a container."
properties:
mountPath:
- description: "Path within the container at which the volume should be mounted. Must not contain ':'."
+ description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'."
type: "string"
mountPropagation:
- description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10."
+ description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10."
type: "string"
name:
description: "This must match the Name of a Volume."
type: "string"
readOnly:
- description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false."
+ description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
type: "boolean"
subPath:
- description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)."
+ description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
type: "string"
subPathExpr:
- description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive."
+ description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive."
type: "string"
required:
- "mountPath"
@@ -2692,7 +2709,7 @@ spec:
type: "object"
type: "array"
workingDir:
- description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated."
+ description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated."
type: "string"
required:
- "name"
@@ -2710,25 +2727,25 @@ spec:
description: "PodSecurityContext"
properties:
fsGroup:
- description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows."
+ description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
fsGroupChangePolicy:
- description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows."
+ description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows."
type: "string"
runAsGroup:
- description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows."
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
runAsNonRoot:
- description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "boolean"
runAsUser:
- description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows."
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
seLinuxOptions:
- description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows."
+ description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows."
properties:
level:
description: "Level is SELinux level label that applies to the container."
@@ -2744,25 +2761,25 @@ spec:
type: "string"
type: "object"
seccompProfile:
- description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows."
+ description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows."
properties:
localhostProfile:
- description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type."
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
type: "string"
type:
- description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
type: "string"
required:
- "type"
type: "object"
supplementalGroups:
- description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows."
+ description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows."
items:
format: "int64"
type: "integer"
type: "array"
sysctls:
- description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows."
+ description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows."
items:
description: "Sysctl defines a kernel parameter to be set"
properties:
@@ -2778,19 +2795,19 @@ spec:
type: "object"
type: "array"
windowsOptions:
- description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux."
+ description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
properties:
gmsaCredentialSpec:
- description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field."
+ description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
type: "string"
gmsaCredentialSpecName:
description: "GMSACredentialSpecName is the name of the GMSA credential spec to use."
type: "string"
hostProcess:
- description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true."
+ description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
type: "boolean"
runAsUserName:
- description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "string"
type: "object"
type: "object"
@@ -2804,21 +2821,21 @@ spec:
description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology."
properties:
labelSelector:
- description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain."
+ description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values."
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
properties:
key:
description: "key is the label key that the selector applies to."
type: "string"
operator:
- description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist."
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
type: "string"
values:
- description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch."
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
items:
type: "string"
type: "array"
@@ -2830,34 +2847,35 @@ spec:
matchLabels:
additionalProperties:
type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
type: "object"
type: "object"
+ x-kubernetes-map-type: "atomic"
matchLabelKeys:
- description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
+ description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
items:
type: "string"
type: "array"
x-kubernetes-list-type: "atomic"
maxSkew:
- description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed."
+ description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed."
format: "int32"
type: "integer"
minDomains:
- description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
+ description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
format: "int32"
type: "integer"
nodeAffinityPolicy:
- description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
+ description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
type: "string"
nodeTaintsPolicy:
- description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
+ description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
type: "string"
topologyKey:
- description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field."
+ description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field."
type: "string"
whenUnsatisfiable:
- description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field."
+ description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field."
type: "string"
required:
- "maxSkew"
@@ -2871,20 +2889,20 @@ spec:
description: "Volume represents a named volume in a pod that may be accessed by any container in the pod."
properties:
awsElasticBlockStore:
- description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
+ description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
properties:
fsType:
- description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine"
+ description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine"
type: "string"
partition:
- description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)."
+ description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)."
format: "int32"
type: "integer"
readOnly:
- description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
+ description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
type: "boolean"
volumeID:
- description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
+ description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
type: "string"
required:
- "volumeID"
@@ -2902,13 +2920,13 @@ spec:
description: "diskURI is the URI of data disk in the blob storage"
type: "string"
fsType:
- description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
+ description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
type: "string"
kind:
description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared"
type: "string"
readOnly:
- description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
required:
- "diskName"
@@ -2918,7 +2936,7 @@ spec:
description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod."
properties:
readOnly:
- description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
secretName:
description: "secretName is the name of secret that contains Azure Storage Account Name and Key"
@@ -2934,7 +2952,7 @@ spec:
description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime"
properties:
monitors:
- description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
+ description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
items:
type: "string"
type: "array"
@@ -2942,42 +2960,44 @@ spec:
description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /"
type: "string"
readOnly:
- description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
+ description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
type: "boolean"
secretFile:
- description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
+ description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
type: "string"
secretRef:
- description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
+ description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
user:
- description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
+ description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
type: "string"
required:
- "monitors"
type: "object"
cinder:
- description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md"
+ description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
properties:
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md"
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
type: "string"
readOnly:
- description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md"
+ description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
type: "boolean"
secretRef:
- description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack."
+ description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
volumeID:
- description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md"
+ description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
type: "string"
required:
- "volumeID"
@@ -2986,11 +3006,11 @@ spec:
description: "configMap represents a configMap that should populate this volume"
properties:
defaultMode:
- description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
items:
- description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'."
+ description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
items:
description: "Maps a string key to a path within a volume."
properties:
@@ -2998,11 +3018,11 @@ spec:
description: "key is the key to project."
type: "string"
mode:
- description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
- description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."
+ description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
type: "string"
required:
- "key"
@@ -3010,35 +3030,37 @@ spec:
type: "object"
type: "array"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "optional specify whether the ConfigMap or its keys must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
csi:
description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)."
properties:
driver:
- description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster."
+ description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster."
type: "string"
fsType:
- description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply."
+ description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply."
type: "string"
nodePublishSecretRef:
- description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed."
+ description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
readOnly:
- description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)."
+ description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)."
type: "boolean"
volumeAttributes:
additionalProperties:
type: "string"
- description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values."
+ description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values."
type: "object"
required:
- "driver"
@@ -3047,7 +3069,7 @@ spec:
description: "downwardAPI represents downward API about the pod that should populate this volume"
properties:
defaultMode:
- description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
items:
@@ -3067,15 +3089,16 @@ spec:
required:
- "fieldPath"
type: "object"
+ x-kubernetes-map-type: "atomic"
mode:
- description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'"
type: "string"
resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
+ description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
properties:
containerName:
description: "Container name: required for volumes, optional for env vars"
@@ -3093,47 +3116,48 @@ spec:
required:
- "resource"
type: "object"
+ x-kubernetes-map-type: "atomic"
required:
- "path"
type: "object"
type: "array"
type: "object"
emptyDir:
- description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
+ description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
properties:
medium:
- description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
+ description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
type: "string"
sizeLimit:
anyOf:
- type: "integer"
- type: "string"
- description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
+ description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
type: "object"
ephemeral:
- description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time."
+ description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time."
properties:
volumeClaimTemplate:
- description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
+ description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil."
properties:
metadata:
- description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation."
+ description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation."
type: "object"
spec:
- description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here."
+ description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here."
properties:
accessModes:
- description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1"
+ description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1"
items:
type: "string"
type: "array"
dataSource:
- description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource."
+ description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource."
properties:
apiGroup:
- description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required."
+ description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required."
type: "string"
kind:
description: "Kind is the type of resource being referenced"
@@ -3145,11 +3169,12 @@ spec:
- "kind"
- "name"
type: "object"
+ x-kubernetes-map-type: "atomic"
dataSourceRef:
- description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
+ description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
properties:
apiGroup:
- description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required."
+ description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required."
type: "string"
kind:
description: "Kind is the type of resource being referenced"
@@ -3158,14 +3183,14 @@ spec:
description: "Name is the name of resource being referenced"
type: "string"
namespace:
- description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
+ description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
type: "string"
required:
- "kind"
- "name"
type: "object"
resources:
- description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
+ description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
limits:
additionalProperties:
@@ -3174,7 +3199,7 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
requests:
additionalProperties:
@@ -3183,7 +3208,7 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
type: "object"
selector:
@@ -3192,16 +3217,16 @@ spec:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values."
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
properties:
key:
description: "key is the label key that the selector applies to."
type: "string"
operator:
- description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist."
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
type: "string"
values:
- description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch."
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
items:
type: "string"
type: "array"
@@ -3213,17 +3238,18 @@ spec:
matchLabels:
additionalProperties:
type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
type: "object"
type: "object"
+ x-kubernetes-map-type: "atomic"
storageClassName:
- description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
+ description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
volumeAttributesClassName:
- description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
type: "string"
volumeMode:
- description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec."
+ description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
volumeName:
description: "volumeName is the binding reference to the PersistentVolume backing this claim."
@@ -3237,14 +3263,14 @@ spec:
description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod."
properties:
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine"
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine"
type: "string"
lun:
description: "lun is Optional: FC target lun number"
format: "int32"
type: "integer"
readOnly:
- description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
targetWWNs:
description: "targetWWNs is Optional: FC target worldwide names (WWNs)"
@@ -3252,19 +3278,19 @@ spec:
type: "string"
type: "array"
wwids:
- description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously."
+ description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously."
items:
type: "string"
type: "array"
type: "object"
flexVolume:
- description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin."
+ description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin."
properties:
driver:
description: "driver is the name of the driver to use for this volume."
type: "string"
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script."
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script."
type: "string"
options:
additionalProperties:
@@ -3272,15 +3298,16 @@ spec:
description: "options is Optional: this field holds extra command options if any."
type: "object"
readOnly:
- description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
secretRef:
- description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts."
+ description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
required:
- "driver"
type: "object"
@@ -3288,36 +3315,36 @@ spec:
description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running"
properties:
datasetName:
- description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated"
+ description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated"
type: "string"
datasetUUID:
description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset"
type: "string"
type: "object"
gcePersistentDisk:
- description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
+ description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
properties:
fsType:
- description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine"
+ description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine"
type: "string"
partition:
- description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
+ description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
format: "int32"
type: "integer"
pdName:
- description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
+ description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
type: "string"
readOnly:
- description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
+ description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
type: "boolean"
required:
- "pdName"
type: "object"
gitRepo:
- description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container."
+ description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container."
properties:
directory:
- description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name."
+ description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name."
type: "string"
repository:
description: "repository is the URL"
@@ -3329,35 +3356,35 @@ spec:
- "repository"
type: "object"
glusterfs:
- description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md"
+ description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md"
properties:
endpoints:
- description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
+ description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
type: "string"
path:
- description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
+ description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
type: "string"
readOnly:
- description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
+ description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
type: "boolean"
required:
- "endpoints"
- "path"
type: "object"
hostPath:
- description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write."
+ description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write."
properties:
path:
- description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
+ description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
type: "string"
type:
- description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
+ description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
type: "string"
required:
- "path"
type: "object"
iscsi:
- description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md"
+ description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md"
properties:
chapAuthDiscovery:
description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication"
@@ -3366,38 +3393,39 @@ spec:
description: "chapAuthSession defines whether support iSCSI Session CHAP authentication"
type: "boolean"
fsType:
- description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine"
+ description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine"
type: "string"
initiatorName:
- description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection."
+ description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection."
type: "string"
iqn:
description: "iqn is the target iSCSI Qualified Name."
type: "string"
iscsiInterface:
- description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)."
+ description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)."
type: "string"
lun:
description: "lun represents iSCSI Target Lun number."
format: "int32"
type: "integer"
portals:
- description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)."
+ description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)."
items:
type: "string"
type: "array"
readOnly:
- description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false."
+ description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false."
type: "boolean"
secretRef:
description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
targetPortal:
- description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)."
+ description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)."
type: "string"
required:
- "iqn"
@@ -3405,32 +3433,32 @@ spec:
- "targetPortal"
type: "object"
name:
- description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
+ description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
type: "string"
nfs:
- description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
+ description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
properties:
path:
- description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
+ description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
type: "string"
readOnly:
- description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
+ description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
type: "boolean"
server:
- description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
+ description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
type: "string"
required:
- "path"
- "server"
type: "object"
persistentVolumeClaim:
- description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
+ description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
properties:
claimName:
- description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
+ description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
type: "string"
readOnly:
- description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false."
+ description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false."
type: "boolean"
required:
- "claimName"
@@ -3439,7 +3467,7 @@ spec:
description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine"
properties:
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
type: "string"
pdID:
description: "pdID is the ID that identifies Photon Controller persistent disk"
@@ -3451,10 +3479,10 @@ spec:
description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine"
properties:
fsType:
- description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified."
+ description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified."
type: "string"
readOnly:
- description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
volumeID:
description: "volumeID uniquely identifies a Portworx volume"
@@ -3466,7 +3494,7 @@ spec:
description: "projected items for all in one resources secrets, configmaps, and downward API"
properties:
defaultMode:
- description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
sources:
@@ -3475,24 +3503,24 @@ spec:
description: "Projection that may be projected along with other supported volume types"
properties:
clusterTrustBundle:
- description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. \n Alpha, gated by the ClusterTrustBundleProjection feature gate. \n ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. \n Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time."
+ description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time."
properties:
labelSelector:
- description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\"."
+ description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values."
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
properties:
key:
description: "key is the label key that the selector applies to."
type: "string"
operator:
- description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist."
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
type: "string"
values:
- description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch."
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
items:
type: "string"
type: "array"
@@ -3504,20 +3532,21 @@ spec:
matchLabels:
additionalProperties:
type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
type: "object"
type: "object"
+ x-kubernetes-map-type: "atomic"
name:
- description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector."
+ description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector."
type: "string"
optional:
- description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles."
+ description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles."
type: "boolean"
path:
description: "Relative path from the volume root to write the bundle."
type: "string"
signerName:
- description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated."
+ description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated."
type: "string"
required:
- "path"
@@ -3526,7 +3555,7 @@ spec:
description: "configMap information about the configMap data to project"
properties:
items:
- description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'."
+ description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
items:
description: "Maps a string key to a path within a volume."
properties:
@@ -3534,11 +3563,11 @@ spec:
description: "key is the key to project."
type: "string"
mode:
- description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
- description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."
+ description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
type: "string"
required:
- "key"
@@ -3546,12 +3575,13 @@ spec:
type: "object"
type: "array"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "optional specify whether the ConfigMap or its keys must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
downwardAPI:
description: "downwardAPI information about the downwardAPI data to project"
properties:
@@ -3572,15 +3602,16 @@ spec:
required:
- "fieldPath"
type: "object"
+ x-kubernetes-map-type: "atomic"
mode:
- description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'"
type: "string"
resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
+ description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
properties:
containerName:
description: "Container name: required for volumes, optional for env vars"
@@ -3598,6 +3629,7 @@ spec:
required:
- "resource"
type: "object"
+ x-kubernetes-map-type: "atomic"
required:
- "path"
type: "object"
@@ -3607,7 +3639,7 @@ spec:
description: "secret information about the secret data to project"
properties:
items:
- description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'."
+ description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
items:
description: "Maps a string key to a path within a volume."
properties:
@@ -3615,11 +3647,11 @@ spec:
description: "key is the key to project."
type: "string"
mode:
- description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
- description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."
+ description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
type: "string"
required:
- "key"
@@ -3627,24 +3659,25 @@ spec:
type: "object"
type: "array"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "optional field specify whether the Secret or its key must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
serviceAccountToken:
description: "serviceAccountToken is information about the serviceAccountToken data to project"
properties:
audience:
- description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver."
+ description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver."
type: "string"
expirationSeconds:
- description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes."
+ description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes."
format: "int64"
type: "integer"
path:
- description: "path is the path relative to the mount point of the file to project the token into."
+ description: "path is the path relative to the mount point of the file to project the\ntoken into."
type: "string"
required:
- "path"
@@ -3656,19 +3689,19 @@ spec:
description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime"
properties:
group:
- description: "group to map volume access to Default is no group"
+ description: "group to map volume access to\nDefault is no group"
type: "string"
readOnly:
- description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false."
+ description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false."
type: "boolean"
registry:
- description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes"
+ description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes"
type: "string"
tenant:
- description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin"
+ description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin"
type: "string"
user:
- description: "user to map volume access to Defaults to serivceaccount user"
+ description: "user to map volume access to\nDefaults to serivceaccount user"
type: "string"
volume:
description: "volume is a string that references an already created Quobyte volume by name."
@@ -3678,37 +3711,38 @@ spec:
- "volume"
type: "object"
rbd:
- description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md"
+ description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md"
properties:
fsType:
- description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine"
+ description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine"
type: "string"
image:
- description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
type: "string"
keyring:
- description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
type: "string"
monitors:
- description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
items:
type: "string"
type: "array"
pool:
- description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
type: "string"
readOnly:
- description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
type: "boolean"
secretRef:
- description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
user:
- description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
type: "string"
required:
- "image"
@@ -3718,7 +3752,7 @@ spec:
description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes."
properties:
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"."
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"."
type: "string"
gateway:
description: "gateway is the host address of the ScaleIO API Gateway."
@@ -3727,20 +3761,21 @@ spec:
description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage."
type: "string"
readOnly:
- description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
secretRef:
- description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail."
+ description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
sslEnabled:
description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false"
type: "boolean"
storageMode:
- description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned."
+ description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned."
type: "string"
storagePool:
description: "storagePool is the ScaleIO Storage Pool associated with the protection domain."
@@ -3749,7 +3784,7 @@ spec:
description: "system is the name of the storage system as configured in ScaleIO."
type: "string"
volumeName:
- description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source."
+ description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source."
type: "string"
required:
- "gateway"
@@ -3757,14 +3792,14 @@ spec:
- "system"
type: "object"
secret:
- description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
+ description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
properties:
defaultMode:
- description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
items:
- description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'."
+ description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
items:
description: "Maps a string key to a path within a volume."
properties:
@@ -3772,11 +3807,11 @@ spec:
description: "key is the key to project."
type: "string"
mode:
- description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
- description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."
+ description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
type: "string"
required:
- "key"
@@ -3787,37 +3822,38 @@ spec:
description: "optional field specify whether the Secret or its keys must be defined"
type: "boolean"
secretName:
- description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
+ description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
type: "string"
type: "object"
storageos:
description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes."
properties:
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
type: "string"
readOnly:
- description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
secretRef:
- description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted."
+ description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
volumeName:
- description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace."
+ description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace."
type: "string"
volumeNamespace:
- description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created."
+ description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created."
type: "string"
type: "object"
vsphereVolume:
description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine"
properties:
fsType:
- description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
+ description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
type: "string"
storagePolicyID:
description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName."
@@ -3863,7 +3899,7 @@ spec:
description: "The configuration of Affinity trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -3878,7 +3914,7 @@ spec:
description: "Always co-locates multiple replicas of the integration in the same node (default `false`)."
type: "boolean"
podAffinityLabels:
- description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should be co-located with."
+ description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should be co-located with."
items:
type: "string"
type: "array"
@@ -3886,7 +3922,7 @@ spec:
description: "Never co-locates multiple replicas of the integration in the same node (default `false`)."
type: "boolean"
podAntiAffinityLabels:
- description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should not be co-located with."
+ description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should not be co-located with."
items:
type: "string"
type: "array"
@@ -3900,10 +3936,10 @@ spec:
description: "When using `pod` strategy, annotation to use for the builder pod."
type: "object"
baseImage:
- description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK installed and ready to use on path (ie `/usr/bin/java`)."
+ description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK\ninstalled and ready to use on path (ie `/usr/bin/java`)."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -3913,13 +3949,13 @@ spec:
description: "Use the incremental image build option, to reuse existing containers (default `true`)"
type: "boolean"
limitCPU:
- description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
limitMemory:
- description: "When using `pod` strategy, the maximum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the maximum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
mavenProfiles:
- description: "A list of references pointing to configmaps/secrets that contains a maven profile. This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)."
+ description: "A list of references pointing to configmaps/secrets that contains a maven profile.\nThis configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.\nThe content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)."
items:
type: "string"
type: "array"
@@ -3946,10 +3982,10 @@ spec:
type: "string"
type: "array"
requestCPU:
- description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
requestMemory:
- description: "When using `pod` strategy, the minimum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the minimum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
strategy:
description: "The strategy to use, either `pod` or `routine` (default `routine`)"
@@ -3963,7 +3999,7 @@ spec:
type: "string"
type: "array"
tasksFilter:
- description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) if you need to execute them. Useful only with `pod` strategy."
+ description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.\nMind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)\nif you need to execute them. Useful only with `pod` strategy."
type: "string"
tasksLimitCPU:
description: "A list of limit cpu configuration for the specific task with format `:`."
@@ -3986,14 +4022,14 @@ spec:
type: "string"
type: "array"
verbose:
- description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod). Deprecated no longer in use"
+ description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod).\nDeprecated no longer in use"
type: "boolean"
type: "object"
camel:
description: "The configuration of Camel trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4005,7 +4041,7 @@ spec:
type: "string"
type: "array"
runtimeVersion:
- description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. You can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve to the best matching Catalog existing on the cluster."
+ description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster."
type: "string"
type: "object"
container:
@@ -4030,7 +4066,7 @@ spec:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4040,7 +4076,7 @@ spec:
description: "Can be used to enable/disable exposure via kubernetes Service."
type: "boolean"
image:
- description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit."
+ description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which\nwon't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead\nIntegration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit."
type: "string"
imagePullPolicy:
description: "The pull policy: Always|Never|IfNotPresent"
@@ -4094,41 +4130,41 @@ spec:
description: "The configuration of Cron trait"
properties:
activeDeadlineSeconds:
- description: "Specifies the duration in seconds, relative to the start time, that the job may be continuously active before it is considered to be failed. It defaults to 60s."
+ description: "Specifies the duration in seconds, relative to the start time, that the job\nmay be continuously active before it is considered to be failed.\nIt defaults to 60s."
format: "int64"
type: "integer"
auto:
- description: "Automatically deploy the integration as CronJob when all routes are either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). \n It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, while `35m` or `50s` cannot)."
+ description: "Automatically deploy the integration as CronJob when all routes are\neither starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).\n\n\nIt's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,\nwhile `35m` or `50s` cannot)."
type: "boolean"
backoffLimit:
- description: "Specifies the number of retries before marking the job failed. It defaults to 2."
+ description: "Specifies the number of retries before marking the job failed.\nIt defaults to 2."
format: "int32"
type: "integer"
components:
- description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is activated (it's present in the `org.apache.camel.k:camel-k-cron` library). \n Supported components are currently: `cron`, `timer` and `quartz`."
+ description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.\nA specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is\nactivated (it's present in the `org.apache.camel.k:camel-k-cron` library).\n\n\nSupported components are currently: `cron`, `timer` and `quartz`."
type: "string"
concurrencyPolicy:
- description: "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\": allows CronJobs to run concurrently; - \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one"
+ description: "Specifies how to treat concurrent executions of a Job.\nValid values are:\n- \"Allow\": allows CronJobs to run concurrently;\n- \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;\n- \"Replace\": cancels currently running job and replaces it with a new one"
enum:
- "Allow"
- "Forbid"
- "Replace"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
fallback:
- description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration as Kubernetes CronJob."
+ description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration\nas Kubernetes CronJob."
type: "boolean"
schedule:
- description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this mechanism to work correctly."
+ description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this\nmechanism to work correctly."
type: "string"
startingDeadlineSeconds:
- description: "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones."
+ description: "Optional deadline in seconds for starting the job if it misses scheduled\ntime for any reason. Missed jobs executions will be counted as failed ones."
format: "int64"
type: "integer"
timeZone:
@@ -4139,7 +4175,7 @@ spec:
description: "The configuration of Dependencies trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4150,7 +4186,7 @@ spec:
description: "The configuration of Deployer trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4164,34 +4200,34 @@ spec:
- "knative-service"
type: "string"
useSSA:
- description: "Use server-side apply to update the owned resources (default `true`). Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters."
+ description: "Use server-side apply to update the owned resources (default `true`).\nNote that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters."
type: "boolean"
type: "object"
deployment:
description: "The configuration of Deployment trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Deprecated: no longer in use."
type: "boolean"
progressDeadlineSeconds:
- description: "The maximum time in seconds for the deployment to make progress before it is considered to be failed. It defaults to `60s`."
+ description: "The maximum time in seconds for the deployment to make progress before it\nis considered to be failed. It defaults to `60s`."
format: "int32"
type: "integer"
rollingUpdateMaxSurge:
anyOf:
- type: "integer"
- type: "string"
- description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to `25%`."
+ description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to `25%`."
x-kubernetes-int-or-string: true
rollingUpdateMaxUnavailable:
anyOf:
- type: "integer"
- type: "string"
- description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to `25%`."
+ description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to `25%`."
x-kubernetes-int-or-string: true
strategy:
description: "The deployment strategy to use to replace existing pods with new ones."
@@ -4204,7 +4240,7 @@ spec:
description: "The configuration of Environment trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
containerMeta:
@@ -4217,7 +4253,7 @@ spec:
description: "Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and `NO_PROXY` environment variables (default `true`)"
type: "boolean"
vars:
- description: "A list of environment variables to be added to the integration container. The syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`. These take precedence over the previously defined environment variables."
+ description: "A list of environment variables to be added to the integration container.\nThe syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`.\nThese take precedence over the previously defined environment variables."
items:
type: "string"
type: "array"
@@ -4226,7 +4262,7 @@ spec:
description: "The configuration of Error Handler trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4240,11 +4276,11 @@ spec:
description: "The configuration of GC trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
discoveryCache:
- description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). Deprecated: to be removed from trait configuration."
+ description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration."
enum:
- "disabled"
- "disk"
@@ -4258,7 +4294,7 @@ spec:
description: "The configuration of Health trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4358,13 +4394,13 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to the ingress. This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md"
+ description: "The annotations added to the ingress.\nThis can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:\nSee https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md"
type: "object"
auto:
description: "To automatically add an ingress whenever the integration uses an HTTP endpoint consumer."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4377,7 +4413,7 @@ spec:
description: "To configure the path exposed by the ingress (default `/`)."
type: "string"
pathType:
- description: "To configure the path type exposed by the ingress. One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)."
+ description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)."
enum:
- "Exact"
- "Prefix"
@@ -4399,7 +4435,7 @@ spec:
description: "Configures a (comma-separated) list of CIDR subnets that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by default)."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4413,15 +4449,15 @@ spec:
description: "The configuration of Jolokia trait"
properties:
CACert:
- description: "The PEM encoded CA certification file path, used to verify client certificates, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)."
+ description: "The PEM encoded CA certification file path, used to verify client certificates,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)."
type: "string"
clientPrincipal:
- description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)."
+ description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)."
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
discoveryEnabled:
@@ -4431,13 +4467,13 @@ spec:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
extendedClientCheck:
- description: "Mandate the client certificate contains a client flag in the extended key usage section, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `true` for OpenShift)."
+ description: "Mandate the client certificate contains a client flag in the extended key usage section,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `true` for OpenShift)."
type: "boolean"
host:
- description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given, the servers binds to every network interface (default `\"*\"`)."
+ description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given,\nthe servers binds to every network interface (default `\"*\"`)."
type: "string"
options:
- description: "A list of additional Jolokia options as defined in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]"
+ description: "A list of additional Jolokia options as defined\nin https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]"
items:
type: "string"
type: "array"
@@ -4464,7 +4500,7 @@ spec:
description: "Additional JVM classpath (use `Linux` classpath separator)"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
debug:
@@ -4488,7 +4524,7 @@ spec:
type: "string"
type: "array"
printCommand:
- description: "Prints the command used the start the JVM in the container logs (default `true`) Deprecated: no longer in use."
+ description: "Prints the command used the start the JVM in the container logs (default `true`)\nDeprecated: no longer in use."
type: "boolean"
type: "object"
kamelets:
@@ -4498,7 +4534,7 @@ spec:
description: "Automatically inject all referenced Kamelets and their default configuration (enabled by default)"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4528,12 +4564,12 @@ spec:
description: "Enable automatic discovery of all trait properties."
type: "boolean"
channelSinks:
- description: "List of channels used as destination of integration routes. Can contain simple channel names or full Camel URIs."
+ description: "List of channels used as destination of integration routes.\nCan contain simple channel names or full Camel URIs."
items:
type: "string"
type: "array"
channelSources:
- description: "List of channels used as source of integration routes. Can contain simple channel names or full Camel URIs."
+ description: "List of channels used as source of integration routes.\nCan contain simple channel names or full Camel URIs."
items:
type: "string"
type: "array"
@@ -4541,14 +4577,14 @@ spec:
description: "Can be used to inject a Knative complete configuration in JSON format."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
endpointSinks:
- description: "List of endpoints used as destination of integration routes. Can contain simple endpoint names or full Camel URIs."
+ description: "List of endpoints used as destination of integration routes.\nCan contain simple endpoint names or full Camel URIs."
items:
type: "string"
type: "array"
@@ -4558,31 +4594,31 @@ spec:
type: "string"
type: "array"
eventSinks:
- description: "List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker)."
+ description: "List of event types that the integration will produce.\nCan contain simple event types or full Camel URIs (to use a specific broker)."
items:
type: "string"
type: "array"
eventSources:
- description: "List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from \"default\")."
+ description: "List of event types that the integration will be subscribed to.\nCan contain simple event types or full Camel URIs (to use a specific broker different from \"default\")."
items:
type: "string"
type: "array"
filterEventType:
- description: "Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)"
+ description: "Enables the default filtering for the Knative trigger using the event type\nIf this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)"
type: "boolean"
filterSourceChannels:
- description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of Knative, filtering is disabled by default."
+ description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of\nKnative, filtering is disabled by default."
type: "boolean"
filters:
- description: "Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., `source=\"my.source\"`. Filter attributes get set on the Knative trigger that is being created as part of this integration."
+ description: "Sets filter attributes on the event stream (such as event type, source, subject and so on).\nA list of key-value pairs that represent filter attributes and its values.\nThe syntax is KEY=VALUE, e.g., `source=\"my.source\"`.\nFilter attributes get set on the Knative trigger that is being created as part of this integration."
items:
type: "string"
type: "array"
namespaceLabel:
- description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)"
+ description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace\nAs Knative requires this label to perform injection of K_SINK URL into the service.\nIf this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)"
type: "boolean"
sinkBinding:
- description: "Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source)."
+ description: "Allows binding the integration to a sink via a Knative SinkBinding resource.\nThis can be used when the integration targets a single sink.\nIt's enabled by default when the integration targets a single sink\n(except when the integration is owned by a Knative source)."
type: "boolean"
type: "object"
knative-service:
@@ -4591,45 +4627,45 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to route. This can be used to set knative service specific annotations CLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\""
+ description: "The annotations added to route.\nThis can be used to set knative service specific annotations\nCLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\""
type: "object"
auto:
- description: "Automatically deploy the integration as Knative service when all conditions hold: \n * Integration is using the Knative profile * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)"
+ description: "Automatically deploy the integration as Knative service when all conditions hold:\n\n\n* Integration is using the Knative profile\n* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)"
type: "boolean"
autoscalingMetric:
- description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). \n Refer to the Knative documentation for more information."
+ description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).\n\n\nRefer to the Knative documentation for more information."
type: "string"
autoscalingTarget:
- description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. \n Refer to the Knative documentation for more information."
+ description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
class:
- description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). \n Refer to the Knative documentation for more information."
+ description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).\n\n\nRefer to the Knative documentation for more information."
enum:
- "kpa.autoscaling.knative.dev"
- "hpa.autoscaling.knative.dev"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
maxScale:
- description: "An upper bound for the number of Pods that can be running in parallel for the integration. Knative has its own cap value that depends on the installation. \n Refer to the Knative documentation for more information."
+ description: "An upper bound for the number of Pods that can be running in parallel for the integration.\nKnative has its own cap value that depends on the installation.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
minScale:
- description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that the integration is scaled down to zero when not used for a configured amount of time. \n Refer to the Knative documentation for more information."
+ description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that\nthe integration is scaled down to zero when not used for a configured amount of time.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
rolloutDuration:
- description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration. It's disabled by default and must be expressed as a Golang `time.Duration` string representation, rounded to a second precision."
+ description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration.\nIt's disabled by default and must be expressed as a Golang `time.Duration` string representation,\nrounded to a second precision."
type: "string"
timeoutSeconds:
- description: "The maximum duration in seconds that the request instance is allowed to respond to a request. This field propagates to the integration pod's terminationGracePeriodSeconds \n Refer to the Knative documentation for more information."
+ description: "The maximum duration in seconds that the request instance is allowed to respond to a request.\nThis field propagates to the integration pod's terminationGracePeriodSeconds\n\n\nRefer to the Knative documentation for more information."
format: "int64"
type: "integer"
visibility:
- description: "Setting `cluster-local`, Knative service becomes a private service. Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. \n Refer to the Knative documentation for more information."
+ description: "Setting `cluster-local`, Knative service becomes a private service.\nSpecifically, this option applies the `networking.knative.dev/visibility` label to Knative service.\n\n\nRefer to the Knative documentation for more information."
enum:
- "cluster-local"
type: "string"
@@ -4641,7 +4677,7 @@ spec:
description: "Colorize the log output"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4680,12 +4716,12 @@ spec:
description: "The configuration of Mount trait"
properties:
configs:
- description: "A list of configuration pointing to configmap/secret. The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. They are also made available on the classpath in order to ease their usage directly from the Route. Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered"
+ description: "A list of configuration pointing to configmap/secret.\nThe configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.\nThey are also made available on the classpath in order to ease their usage directly from the Route.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered"
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
emptyDirs:
@@ -4697,15 +4733,15 @@ spec:
description: "Deprecated: no longer in use."
type: "boolean"
hotReload:
- description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for changes in metadata."
+ description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be\nmarked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for\nchanges in metadata."
type: "boolean"
resources:
- description: "A list of resources (text or binary content) pointing to configmap/secret. The resources are expected to be any resource type (text or binary content). The destination path can be either a default location or any path specified by the user. Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path"
+ description: "A list of resources (text or binary content) pointing to configmap/secret.\nThe resources are expected to be any resource type (text or binary content).\nThe destination path can be either a default location or any path specified by the user.\nSyntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path"
items:
type: "string"
type: "array"
scanKameletsImplicitLabelSecrets:
- description: "Deprecated: include your properties in an explicit property file backed by a secret. Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`. These secrets are mounted to the application and treated as plain properties file with their key/value list (ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)."
+ description: "Deprecated: include your properties in an explicit property file backed by a secret.\nLet the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.\nThese secrets are mounted to the application and treated as plain properties file with their key/value list\n(ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)."
type: "boolean"
volumes:
description: "A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]"
@@ -4717,12 +4753,12 @@ spec:
description: "The configuration of OpenAPI trait"
properties:
configmaps:
- description: "The configmaps holding the spec of the OpenAPI"
+ description: "The configmaps holding the spec of the OpenAPI (compatible with > 3.0 spec only)."
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4733,7 +4769,7 @@ spec:
description: "The configuration of Owner trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4754,44 +4790,44 @@ spec:
description: "The configuration of PDB trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
maxUnavailable:
- description: "The number of pods for the Integration that can be unavailable after an eviction. It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). Only one of `max-unavailable` and `min-available` can be specified."
+ description: "The number of pods for the Integration that can be unavailable after an eviction.\nIt can be either an absolute number or a percentage (default `1` if `min-available` is also not set).\nOnly one of `max-unavailable` and `min-available` can be specified."
type: "string"
minAvailable:
- description: "The number of pods for the Integration that must still be available after an eviction. It can be either an absolute number or a percentage. Only one of `min-available` and `max-unavailable` can be specified."
+ description: "The number of pods for the Integration that must still be available after an eviction.\nIt can be either an absolute number or a percentage.\nOnly one of `min-available` and `max-unavailable` can be specified."
type: "string"
type: "object"
platform:
description: "The configuration of Platform trait"
properties:
auto:
- description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
createDefault:
- description: "To create a default (empty) platform when the platform is missing. Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "To create a default (empty) platform when the platform is missing.\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
enabled:
description: "Deprecated: no longer in use."
type: "boolean"
global:
- description: "Indicates if the platform should be created globally in the case of global operator (default true). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "Indicates if the platform should be created globally in the case of global operator (default true).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
type: "object"
pod:
description: "The configuration of Pod trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4802,7 +4838,7 @@ spec:
description: "The configuration of Prometheus trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4824,7 +4860,7 @@ spec:
description: "Automatically configures the platform registry secret on the pod if it is of type `kubernetes.io/dockerconfigjson`."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4841,7 +4877,7 @@ spec:
description: "The configuration of Quarkus trait"
properties:
buildMode:
- description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`). In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, with the `native` kit having precedence over the `jvm` one once ready."
+ description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`).\nIn case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,\nwith the `native` kit having precedence over the `jvm` one once ready."
items:
description: "QuarkusMode is the type of Quarkus build packaging."
enum:
@@ -4850,7 +4886,7 @@ spec:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4863,9 +4899,9 @@ spec:
description: "The image containing the tooling required for a native build (by default it will use the one provided in the runtime catalog)"
type: "string"
packageTypes:
- description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, with the native kit having precedence over the `fast-jar` one once ready. The order influences the resolution of the current kit for the integration. The kit corresponding to the first package type will be assigned to the integration in case no existing kit that matches the integration exists. Deprecated: use `build-mode` instead."
+ description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).\nIn case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,\nwith the native kit having precedence over the `fast-jar` one once ready.\nThe order influences the resolution of the current kit for the integration.\nThe kit corresponding to the first package type will be assigned to the\nintegration in case no existing kit that matches the integration exists.\nDeprecated: use `build-mode` instead."
items:
- description: "QuarkusPackageType is the type of Quarkus build packaging. Deprecated: use `QuarkusMode` instead."
+ description: "QuarkusPackageType is the type of Quarkus build packaging.\nDeprecated: use `QuarkusMode` instead."
enum:
- "fast-jar"
- "native"
@@ -4873,10 +4909,10 @@ spec:
type: "array"
type: "object"
registry:
- description: "The configuration of Registry trait Deprecated: use jvm trait or read documentation."
+ description: "The configuration of Registry trait (support removed since version 2.5.0).\nDeprecated: use jvm trait or read documentation."
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4889,10 +4925,10 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to route. This can be used to set route specific annotations For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations CLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\""
+ description: "The annotations added to route.\nThis can be used to set route specific annotations\nFor annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations\nCLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\""
type: "object"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4902,38 +4938,38 @@ spec:
description: "To configure the host exposed by the route."
type: "string"
tlsCACertificate:
- description: "The TLS CA certificate contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS CA certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCACertificateSecret:
- description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCertificate:
- description: "The TLS certificate contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCertificateSecret:
- description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsDestinationCACertificate:
- description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. \n Refer to the OpenShift route documentation for additional information."
+ description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsDestinationCACertificateSecret:
- description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsInsecureEdgeTerminationPolicy:
- description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. \n Refer to the OpenShift route documentation for additional information."
+ description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.\n\n\nRefer to the OpenShift route documentation for additional information."
enum:
- "None"
- "Allow"
- "Redirect"
type: "string"
tlsKey:
- description: "The TLS certificate key contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS certificate key contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsKeySecret:
- description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsTermination:
- description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`.\n\n\nRefer to the OpenShift route documentation for additional information."
enum:
- "edge"
- "reencrypt"
@@ -4944,7 +4980,7 @@ spec:
description: "The configuration of Security Context trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4971,14 +5007,14 @@ spec:
description: "To automatically detect from the code if a Service needs to be created."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
nodePort:
- description: "Enable Service to be exposed as NodePort (default `false`). Deprecated: Use service type instead."
+ description: "Enable Service to be exposed as NodePort (default `false`).\nDeprecated: Use service type instead."
type: "boolean"
type:
description: "The type of service to be used, either 'ClusterIP', 'NodePort' or 'LoadBalancer'."
@@ -4992,7 +5028,7 @@ spec:
description: "The configuration of Service Binding trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -5018,7 +5054,7 @@ spec:
description: "The configuration of Toleration trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -5076,24 +5112,25 @@ spec:
description: "API version of the referent."
type: "string"
fieldPath:
- description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future."
+ description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future."
type: "string"
kind:
- description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
type: "string"
namespace:
- description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
+ description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
type: "string"
resourceVersion:
- description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
+ description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
type: "string"
uid:
- description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
+ description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
uri:
description: "URI can be used to specify the (Camel) endpoint explicitly"
type: "string"
@@ -5125,24 +5162,25 @@ spec:
description: "API version of the referent."
type: "string"
fieldPath:
- description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future."
+ description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future."
type: "string"
kind:
- description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
type: "string"
namespace:
- description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
+ description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
type: "string"
resourceVersion:
- description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
+ description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
type: "string"
uid:
- description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
+ description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
uri:
description: "URI can be used to specify the (Camel) endpoint explicitly"
type: "string"
@@ -5176,24 +5214,25 @@ spec:
description: "API version of the referent."
type: "string"
fieldPath:
- description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future."
+ description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future."
type: "string"
kind:
- description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
type: "string"
namespace:
- description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
+ description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
type: "string"
resourceVersion:
- description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
+ description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
type: "string"
uid:
- description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
+ description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
uri:
description: "URI can be used to specify the (Camel) endpoint explicitly"
type: "string"
@@ -5241,10 +5280,10 @@ spec:
description: "Unique, one-word, CamelCase reason for the condition's last transition."
type: "string"
status:
- description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions"
+ description: "Status is the status of the condition.\nCan be True, False, Unknown.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions"
type: "string"
type:
- description: "Type is the type of the condition. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions"
+ description: "Type is the type of the condition.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions"
type: "string"
required:
- "status"
@@ -5254,7 +5293,7 @@ spec:
items:
properties:
data:
- description: "RawMessage is a raw encoded JSON value. It implements Marshaler and Unmarshaler and can be used to delay JSON decoding or precompute a JSON encoding."
+ description: "RawMessage is a raw encoded JSON value.\nIt implements Marshaler and Unmarshaler and can\nbe used to delay JSON decoding or precompute a JSON encoding."
x-kubernetes-preserve-unknown-fields: true
name:
type: "string"
diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kameletbindings.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kameletbindings.yaml
index cde47d535..606d2eb11 100644
--- a/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kameletbindings.yaml
+++ b/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kameletbindings.yaml
@@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.6.1"
- labels:
- app: "camel-k"
+ controller-gen.kubebuilder.io/version: "v0.15.0"
name: "kameletbindings.camel.apache.org"
spec:
group: "camel.apache.org"
@@ -37,10 +35,10 @@ spec:
description: "KameletBinding is the Schema for the kamelets binding API."
properties:
apiVersion:
- description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
+ description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
type: "string"
kind:
- description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
metadata:
type: "object"
@@ -55,7 +53,7 @@ spec:
description: "Integration is an optional integration used to specify custom parameters"
properties:
configuration:
- description: "Deprecated: Use camel trait (camel.properties) to manage properties Use mount trait (mount.configs) to manage configs Use mount trait (mount.resources) to manage resources Use mount trait (mount.volumes) to manage volumes"
+ description: "Deprecated:\nUse camel trait (camel.properties) to manage properties\nUse mount trait (mount.configs) to manage configs\nUse mount trait (mount.resources) to manage resources\nUse mount trait (mount.volumes) to manage volumes"
items:
description: "ConfigurationSpec represents a generic configuration specification."
properties:
@@ -89,24 +87,25 @@ spec:
description: "API version of the referent."
type: "string"
fieldPath:
- description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future."
+ description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future."
type: "string"
kind:
- description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
type: "string"
namespace:
- description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
+ description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
type: "string"
resourceVersion:
- description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
+ description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
type: "string"
uid:
- description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
+ description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
profile:
description: "the profile needed to run this Integration"
type: "string"
@@ -146,7 +145,7 @@ spec:
description: "True if the spec is generated from a Kamelet"
type: "boolean"
interceptors:
- description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources"
+ description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources"
items:
type: "string"
type: "array"
@@ -154,7 +153,7 @@ spec:
description: "specify which is the language (Camel DSL) used to interpret this source code"
type: "string"
loader:
- description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime"
+ description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime"
type: "string"
name:
description: "the name of the specification"
@@ -195,17 +194,17 @@ spec:
description: "A single application container that you want to run within a pod."
properties:
args:
- description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
command:
- description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
env:
- description: "List of environment variables to set in the container. Cannot be updated."
+ description: "List of environment variables to set in the container.\nCannot be updated."
items:
description: "EnvVar represents an environment variable present in a Container."
properties:
@@ -213,7 +212,7 @@ spec:
description: "Name of the environment variable. Must be a C_IDENTIFIER."
type: "string"
value:
- description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"."
+ description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
type: "string"
valueFrom:
description: "Source for the environment variable's value. Cannot be used if value is not empty."
@@ -225,7 +224,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -233,8 +232,9 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
fieldRef:
- description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
+ description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
properties:
apiVersion:
description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
@@ -245,8 +245,9 @@ spec:
required:
- "fieldPath"
type: "object"
+ x-kubernetes-map-type: "atomic"
resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
+ description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
properties:
containerName:
description: "Container name: required for volumes, optional for env vars"
@@ -264,6 +265,7 @@ spec:
required:
- "resource"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret in the pod's namespace"
properties:
@@ -271,7 +273,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -279,13 +281,14 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
required:
- "name"
type: "object"
type: "array"
envFrom:
- description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated."
+ description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
items:
description: "EnvFromSource represents the source of a set of ConfigMaps"
properties:
@@ -293,12 +296,13 @@ spec:
description: "The ConfigMap to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
prefix:
description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER."
type: "string"
@@ -306,31 +310,32 @@ spec:
description: "The Secret to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
image:
- description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets."
+ description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets."
type: "string"
imagePullPolicy:
- description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
+ description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
type: "string"
lifecycle:
- description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated."
+ description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated."
properties:
postStart:
- description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -339,7 +344,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -347,7 +352,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -364,10 +369,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -383,7 +388,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -392,20 +397,20 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
type: "object"
preStop:
- description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -414,7 +419,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -422,7 +427,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -439,10 +444,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -458,7 +463,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -467,7 +472,7 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
@@ -475,19 +480,19 @@ spec:
type: "object"
type: "object"
livenessProbe:
- description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -498,7 +503,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -507,7 +512,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -515,7 +520,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -532,24 +537,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -562,45 +567,45 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
name:
- description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated."
+ description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated."
type: "string"
ports:
- description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated."
+ description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated."
items:
description: "ContainerPort represents a network port in a single container."
properties:
containerPort:
- description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536."
+ description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536."
format: "int32"
type: "integer"
hostIP:
description: "What host IP to bind the external port to."
type: "string"
hostPort:
- description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this."
+ description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this."
format: "int32"
type: "integer"
name:
- description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services."
+ description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services."
type: "string"
protocol:
default: "TCP"
- description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"."
+ description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"."
type: "string"
required:
- "containerPort"
@@ -611,19 +616,19 @@ spec:
- "protocol"
x-kubernetes-list-type: "map"
readinessProbe:
- description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -634,7 +639,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -643,7 +648,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -651,7 +656,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -668,24 +673,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -698,17 +703,17 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
@@ -718,10 +723,10 @@ spec:
description: "ContainerResizePolicy represents resource resize policy for the container."
properties:
resourceName:
- description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory."
+ description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory."
type: "string"
restartPolicy:
- description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired."
+ description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired."
type: "string"
required:
- "resourceName"
@@ -730,15 +735,15 @@ spec:
type: "array"
x-kubernetes-list-type: "atomic"
resources:
- description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
properties:
claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
+ description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
items:
description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
properties:
name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container."
+ description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
type: "string"
required:
- "name"
@@ -754,7 +759,7 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
requests:
additionalProperties:
@@ -763,20 +768,20 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
type: "object"
restartPolicy:
- description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed."
+ description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted."
type: "string"
securityContext:
- description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
+ description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
properties:
allowPrivilegeEscalation:
- description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows."
+ description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
capabilities:
- description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows."
+ description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
properties:
add:
description: "Added capabilities"
@@ -792,27 +797,27 @@ spec:
type: "array"
type: "object"
privileged:
- description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
procMount:
- description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows."
+ description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows."
type: "string"
readOnlyRootFilesystem:
- description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
runAsGroup:
- description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
runAsNonRoot:
- description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "boolean"
runAsUser:
- description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
seLinuxOptions:
- description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
properties:
level:
description: "Level is SELinux level label that applies to the container."
@@ -828,48 +833,48 @@ spec:
type: "string"
type: "object"
seccompProfile:
- description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows."
+ description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows."
properties:
localhostProfile:
- description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type."
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
type: "string"
type:
- description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
type: "string"
required:
- "type"
type: "object"
windowsOptions:
- description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux."
+ description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
properties:
gmsaCredentialSpec:
- description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field."
+ description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
type: "string"
gmsaCredentialSpecName:
description: "GMSACredentialSpecName is the name of the GMSA credential spec to use."
type: "string"
hostProcess:
- description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true."
+ description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
type: "boolean"
runAsUserName:
- description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "string"
type: "object"
type: "object"
startupProbe:
- description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -880,7 +885,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -889,7 +894,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -897,7 +902,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -914,24 +919,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -944,34 +949,34 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
stdin:
- description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false."
+ description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false."
type: "boolean"
stdinOnce:
- description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false"
+ description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false"
type: "boolean"
terminationMessagePath:
- description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated."
+ description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated."
type: "string"
terminationMessagePolicy:
- description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated."
+ description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated."
type: "string"
tty:
- description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false."
+ description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false."
type: "boolean"
volumeDevices:
description: "volumeDevices is the list of block devices to be used by the container."
@@ -990,27 +995,27 @@ spec:
type: "object"
type: "array"
volumeMounts:
- description: "Pod volumes to mount into the container's filesystem. Cannot be updated."
+ description: "Pod volumes to mount into the container's filesystem.\nCannot be updated."
items:
description: "VolumeMount describes a mounting of a Volume within a container."
properties:
mountPath:
- description: "Path within the container at which the volume should be mounted. Must not contain ':'."
+ description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'."
type: "string"
mountPropagation:
- description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10."
+ description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10."
type: "string"
name:
description: "This must match the Name of a Volume."
type: "string"
readOnly:
- description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false."
+ description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
type: "boolean"
subPath:
- description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)."
+ description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
type: "string"
subPathExpr:
- description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive."
+ description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive."
type: "string"
required:
- "mountPath"
@@ -1018,7 +1023,7 @@ spec:
type: "object"
type: "array"
workingDir:
- description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated."
+ description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated."
type: "string"
required:
- "name"
@@ -1030,20 +1035,20 @@ spec:
ephemeralContainers:
description: "EphemeralContainers"
items:
- description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for user-initiated activities such as debugging. Ephemeral containers have no resource or scheduling guarantees, and they will not be restarted when they exit or when a Pod is removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the Pod to exceed its resource allocation. \n To add an ephemeral container, use the ephemeralcontainers subresource of an existing Pod. Ephemeral containers may not be removed or restarted."
+ description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for\nuser-initiated activities such as debugging. Ephemeral containers have no resource or\nscheduling guarantees, and they will not be restarted when they exit or when a Pod is\nremoved or restarted. The kubelet may evict a Pod if an ephemeral container causes the\nPod to exceed its resource allocation.\n\n\nTo add an ephemeral container, use the ephemeralcontainers subresource of an existing\nPod. Ephemeral containers may not be removed or restarted."
properties:
args:
- description: "Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Arguments to the entrypoint.\nThe image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
command:
- description: "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Entrypoint array. Not executed within a shell.\nThe image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
env:
- description: "List of environment variables to set in the container. Cannot be updated."
+ description: "List of environment variables to set in the container.\nCannot be updated."
items:
description: "EnvVar represents an environment variable present in a Container."
properties:
@@ -1051,7 +1056,7 @@ spec:
description: "Name of the environment variable. Must be a C_IDENTIFIER."
type: "string"
value:
- description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"."
+ description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
type: "string"
valueFrom:
description: "Source for the environment variable's value. Cannot be used if value is not empty."
@@ -1063,7 +1068,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -1071,8 +1076,9 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
fieldRef:
- description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
+ description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
properties:
apiVersion:
description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
@@ -1083,8 +1089,9 @@ spec:
required:
- "fieldPath"
type: "object"
+ x-kubernetes-map-type: "atomic"
resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
+ description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
properties:
containerName:
description: "Container name: required for volumes, optional for env vars"
@@ -1102,6 +1109,7 @@ spec:
required:
- "resource"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret in the pod's namespace"
properties:
@@ -1109,7 +1117,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1117,13 +1125,14 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
required:
- "name"
type: "object"
type: "array"
envFrom:
- description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated."
+ description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
items:
description: "EnvFromSource represents the source of a set of ConfigMaps"
properties:
@@ -1131,12 +1140,13 @@ spec:
description: "The ConfigMap to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
prefix:
description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER."
type: "string"
@@ -1144,31 +1154,32 @@ spec:
description: "The Secret to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
image:
- description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images"
+ description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images"
type: "string"
imagePullPolicy:
- description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
+ description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
type: "string"
lifecycle:
description: "Lifecycle is not allowed for ephemeral containers."
properties:
postStart:
- description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -1177,7 +1188,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -1185,7 +1196,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -1202,10 +1213,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -1221,7 +1232,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -1230,20 +1241,20 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
type: "object"
preStop:
- description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -1252,7 +1263,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -1260,7 +1271,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -1277,10 +1288,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -1296,7 +1307,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -1305,7 +1316,7 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
@@ -1319,13 +1330,13 @@ spec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -1336,7 +1347,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -1345,7 +1356,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -1353,7 +1364,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -1370,24 +1381,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -1400,22 +1411,22 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
name:
- description: "Name of the ephemeral container specified as a DNS_LABEL. This name must be unique among all containers, init containers and ephemeral containers."
+ description: "Name of the ephemeral container specified as a DNS_LABEL.\nThis name must be unique among all containers, init containers and ephemeral containers."
type: "string"
ports:
description: "Ports are not allowed for ephemeral containers."
@@ -1423,22 +1434,22 @@ spec:
description: "ContainerPort represents a network port in a single container."
properties:
containerPort:
- description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536."
+ description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536."
format: "int32"
type: "integer"
hostIP:
description: "What host IP to bind the external port to."
type: "string"
hostPort:
- description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this."
+ description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this."
format: "int32"
type: "integer"
name:
- description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services."
+ description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services."
type: "string"
protocol:
default: "TCP"
- description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"."
+ description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"."
type: "string"
required:
- "containerPort"
@@ -1455,13 +1466,13 @@ spec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -1472,7 +1483,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -1481,7 +1492,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -1489,7 +1500,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -1506,24 +1517,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -1536,17 +1547,17 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
@@ -1556,10 +1567,10 @@ spec:
description: "ContainerResizePolicy represents resource resize policy for the container."
properties:
resourceName:
- description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory."
+ description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory."
type: "string"
restartPolicy:
- description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired."
+ description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired."
type: "string"
required:
- "resourceName"
@@ -1568,15 +1579,15 @@ spec:
type: "array"
x-kubernetes-list-type: "atomic"
resources:
- description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod."
+ description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources\nalready allocated to the pod."
properties:
claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
+ description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
items:
description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
properties:
name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container."
+ description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
type: "string"
required:
- "name"
@@ -1592,7 +1603,7 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
requests:
additionalProperties:
@@ -1601,20 +1612,20 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
type: "object"
restartPolicy:
- description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers."
+ description: "Restart policy for the container to manage the restart behavior of each\ncontainer within a pod.\nThis may only be set for init containers. You cannot set this field on\nephemeral containers."
type: "string"
securityContext:
- description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext."
+ description: "Optional: SecurityContext defines the security options the ephemeral container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext."
properties:
allowPrivilegeEscalation:
- description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows."
+ description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
capabilities:
- description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows."
+ description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
properties:
add:
description: "Added capabilities"
@@ -1630,27 +1641,27 @@ spec:
type: "array"
type: "object"
privileged:
- description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
procMount:
- description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows."
+ description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows."
type: "string"
readOnlyRootFilesystem:
- description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
runAsGroup:
- description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
runAsNonRoot:
- description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "boolean"
runAsUser:
- description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
seLinuxOptions:
- description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
properties:
level:
description: "Level is SELinux level label that applies to the container."
@@ -1666,31 +1677,31 @@ spec:
type: "string"
type: "object"
seccompProfile:
- description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows."
+ description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows."
properties:
localhostProfile:
- description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type."
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
type: "string"
type:
- description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
type: "string"
required:
- "type"
type: "object"
windowsOptions:
- description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux."
+ description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
properties:
gmsaCredentialSpec:
- description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field."
+ description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
type: "string"
gmsaCredentialSpecName:
description: "GMSACredentialSpecName is the name of the GMSA credential spec to use."
type: "string"
hostProcess:
- description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true."
+ description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
type: "boolean"
runAsUserName:
- description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "string"
type: "object"
type: "object"
@@ -1701,13 +1712,13 @@ spec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -1718,7 +1729,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -1727,7 +1738,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -1735,7 +1746,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -1752,24 +1763,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -1782,37 +1793,37 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
stdin:
- description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false."
+ description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false."
type: "boolean"
stdinOnce:
- description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false"
+ description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false"
type: "boolean"
targetContainerName:
- description: "If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec. \n The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined."
+ description: "If set, the name of the container from PodSpec that this ephemeral container targets.\nThe ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.\nIf not set then the ephemeral container uses the namespaces configured in the Pod spec.\n\n\nThe container runtime must implement support for this feature. If the runtime does not\nsupport namespace targeting then the result of setting this field is undefined."
type: "string"
terminationMessagePath:
- description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated."
+ description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated."
type: "string"
terminationMessagePolicy:
- description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated."
+ description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated."
type: "string"
tty:
- description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false."
+ description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false."
type: "boolean"
volumeDevices:
description: "volumeDevices is the list of block devices to be used by the container."
@@ -1831,27 +1842,27 @@ spec:
type: "object"
type: "array"
volumeMounts:
- description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. Cannot be updated."
+ description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.\nCannot be updated."
items:
description: "VolumeMount describes a mounting of a Volume within a container."
properties:
mountPath:
- description: "Path within the container at which the volume should be mounted. Must not contain ':'."
+ description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'."
type: "string"
mountPropagation:
- description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10."
+ description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10."
type: "string"
name:
description: "This must match the Name of a Volume."
type: "string"
readOnly:
- description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false."
+ description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
type: "boolean"
subPath:
- description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)."
+ description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
type: "string"
subPathExpr:
- description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive."
+ description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive."
type: "string"
required:
- "mountPath"
@@ -1859,7 +1870,7 @@ spec:
type: "object"
type: "array"
workingDir:
- description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated."
+ description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated."
type: "string"
required:
- "name"
@@ -1871,17 +1882,17 @@ spec:
description: "A single application container that you want to run within a pod."
properties:
args:
- description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
command:
- description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
+ description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
env:
- description: "List of environment variables to set in the container. Cannot be updated."
+ description: "List of environment variables to set in the container.\nCannot be updated."
items:
description: "EnvVar represents an environment variable present in a Container."
properties:
@@ -1889,7 +1900,7 @@ spec:
description: "Name of the environment variable. Must be a C_IDENTIFIER."
type: "string"
value:
- description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"."
+ description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
type: "string"
valueFrom:
description: "Source for the environment variable's value. Cannot be used if value is not empty."
@@ -1901,7 +1912,7 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -1909,8 +1920,9 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
fieldRef:
- description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
+ description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
properties:
apiVersion:
description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
@@ -1921,8 +1933,9 @@ spec:
required:
- "fieldPath"
type: "object"
+ x-kubernetes-map-type: "atomic"
resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
+ description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
properties:
containerName:
description: "Container name: required for volumes, optional for env vars"
@@ -1940,6 +1953,7 @@ spec:
required:
- "resource"
type: "object"
+ x-kubernetes-map-type: "atomic"
secretKeyRef:
description: "Selects a key of a secret in the pod's namespace"
properties:
@@ -1947,7 +1961,7 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1955,13 +1969,14 @@ spec:
required:
- "key"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
required:
- "name"
type: "object"
type: "array"
envFrom:
- description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated."
+ description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
items:
description: "EnvFromSource represents the source of a set of ConfigMaps"
properties:
@@ -1969,12 +1984,13 @@ spec:
description: "The ConfigMap to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the ConfigMap must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
prefix:
description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER."
type: "string"
@@ -1982,31 +1998,32 @@ spec:
description: "The Secret to select from"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "Specify whether the Secret must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
image:
- description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets."
+ description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets."
type: "string"
imagePullPolicy:
- description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
+ description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
type: "string"
lifecycle:
- description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated."
+ description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated."
properties:
postStart:
- description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -2015,7 +2032,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -2023,7 +2040,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -2040,10 +2057,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -2059,7 +2076,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -2068,20 +2085,20 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
type: "object"
preStop:
- description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
+ description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
@@ -2090,7 +2107,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -2098,7 +2115,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -2115,10 +2132,10 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
@@ -2134,7 +2151,7 @@ spec:
- "seconds"
type: "object"
tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified."
+ description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
host:
description: "Optional: Host name to connect to, defaults to the pod IP."
@@ -2143,7 +2160,7 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
@@ -2151,19 +2168,19 @@ spec:
type: "object"
type: "object"
livenessProbe:
- description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -2174,7 +2191,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -2183,7 +2200,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -2191,7 +2208,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -2208,24 +2225,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -2238,45 +2255,45 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
name:
- description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated."
+ description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated."
type: "string"
ports:
- description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated."
+ description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated."
items:
description: "ContainerPort represents a network port in a single container."
properties:
containerPort:
- description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536."
+ description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536."
format: "int32"
type: "integer"
hostIP:
description: "What host IP to bind the external port to."
type: "string"
hostPort:
- description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this."
+ description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this."
format: "int32"
type: "integer"
name:
- description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services."
+ description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services."
type: "string"
protocol:
default: "TCP"
- description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"."
+ description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"."
type: "string"
required:
- "containerPort"
@@ -2287,19 +2304,19 @@ spec:
- "protocol"
x-kubernetes-list-type: "map"
readinessProbe:
- description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -2310,7 +2327,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -2319,7 +2336,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -2327,7 +2344,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -2344,24 +2361,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -2374,17 +2391,17 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
@@ -2394,10 +2411,10 @@ spec:
description: "ContainerResizePolicy represents resource resize policy for the container."
properties:
resourceName:
- description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory."
+ description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory."
type: "string"
restartPolicy:
- description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired."
+ description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired."
type: "string"
required:
- "resourceName"
@@ -2406,15 +2423,15 @@ spec:
type: "array"
x-kubernetes-list-type: "atomic"
resources:
- description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
properties:
claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
+ description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
items:
description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
properties:
name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container."
+ description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
type: "string"
required:
- "name"
@@ -2430,7 +2447,7 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
requests:
additionalProperties:
@@ -2439,20 +2456,20 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
type: "object"
restartPolicy:
- description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed."
+ description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted."
type: "string"
securityContext:
- description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
+ description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
properties:
allowPrivilegeEscalation:
- description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows."
+ description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
capabilities:
- description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows."
+ description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
properties:
add:
description: "Added capabilities"
@@ -2468,27 +2485,27 @@ spec:
type: "array"
type: "object"
privileged:
- description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
procMount:
- description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows."
+ description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows."
type: "string"
readOnlyRootFilesystem:
- description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows."
+ description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
runAsGroup:
- description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
runAsNonRoot:
- description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "boolean"
runAsUser:
- description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
seLinuxOptions:
- description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."
+ description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
properties:
level:
description: "Level is SELinux level label that applies to the container."
@@ -2504,48 +2521,48 @@ spec:
type: "string"
type: "object"
seccompProfile:
- description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows."
+ description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows."
properties:
localhostProfile:
- description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type."
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
type: "string"
type:
- description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
type: "string"
required:
- "type"
type: "object"
windowsOptions:
- description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux."
+ description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
properties:
gmsaCredentialSpec:
- description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field."
+ description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
type: "string"
gmsaCredentialSpecName:
description: "GMSACredentialSpecName is the name of the GMSA credential spec to use."
type: "string"
hostProcess:
- description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true."
+ description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
type: "boolean"
runAsUserName:
- description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "string"
type: "object"
type: "object"
startupProbe:
- description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
properties:
exec:
description: "Exec specifies the action to take."
properties:
command:
- description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."
+ description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
items:
type: "string"
type: "array"
type: "object"
failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."
+ description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
format: "int32"
type: "integer"
grpc:
@@ -2556,7 +2573,7 @@ spec:
format: "int32"
type: "integer"
service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
+ description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
type: "string"
required:
- "port"
@@ -2565,7 +2582,7 @@ spec:
description: "HTTPGet specifies the http request to perform."
properties:
host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."
+ description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
type: "string"
httpHeaders:
description: "Custom headers to set in the request. HTTP allows repeated headers."
@@ -2573,7 +2590,7 @@ spec:
description: "HTTPHeader describes a custom header to be used in HTTP probes"
properties:
name:
- description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header."
+ description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
type: "string"
value:
description: "The header field value"
@@ -2590,24 +2607,24 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
scheme:
- description: "Scheme to use for connecting to the host. Defaults to HTTP."
+ description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
type: "string"
required:
- "port"
type: "object"
initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
periodSeconds:
- description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."
+ description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
format: "int32"
type: "integer"
successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
+ description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
format: "int32"
type: "integer"
tcpSocket:
@@ -2620,34 +2637,34 @@ spec:
anyOf:
- type: "integer"
- type: "string"
- description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME."
+ description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
x-kubernetes-int-or-string: true
required:
- "port"
type: "object"
terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
+ description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
format: "int64"
type: "integer"
timeoutSeconds:
- description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
+ description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
format: "int32"
type: "integer"
type: "object"
stdin:
- description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false."
+ description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false."
type: "boolean"
stdinOnce:
- description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false"
+ description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false"
type: "boolean"
terminationMessagePath:
- description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated."
+ description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated."
type: "string"
terminationMessagePolicy:
- description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated."
+ description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated."
type: "string"
tty:
- description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false."
+ description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false."
type: "boolean"
volumeDevices:
description: "volumeDevices is the list of block devices to be used by the container."
@@ -2666,27 +2683,27 @@ spec:
type: "object"
type: "array"
volumeMounts:
- description: "Pod volumes to mount into the container's filesystem. Cannot be updated."
+ description: "Pod volumes to mount into the container's filesystem.\nCannot be updated."
items:
description: "VolumeMount describes a mounting of a Volume within a container."
properties:
mountPath:
- description: "Path within the container at which the volume should be mounted. Must not contain ':'."
+ description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'."
type: "string"
mountPropagation:
- description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10."
+ description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10."
type: "string"
name:
description: "This must match the Name of a Volume."
type: "string"
readOnly:
- description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false."
+ description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
type: "boolean"
subPath:
- description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)."
+ description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
type: "string"
subPathExpr:
- description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive."
+ description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive."
type: "string"
required:
- "mountPath"
@@ -2694,7 +2711,7 @@ spec:
type: "object"
type: "array"
workingDir:
- description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated."
+ description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated."
type: "string"
required:
- "name"
@@ -2712,25 +2729,25 @@ spec:
description: "PodSecurityContext"
properties:
fsGroup:
- description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows."
+ description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
fsGroupChangePolicy:
- description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows."
+ description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows."
type: "string"
runAsGroup:
- description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows."
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
runAsNonRoot:
- description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "boolean"
runAsUser:
- description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows."
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
type: "integer"
seLinuxOptions:
- description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows."
+ description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows."
properties:
level:
description: "Level is SELinux level label that applies to the container."
@@ -2746,25 +2763,25 @@ spec:
type: "string"
type: "object"
seccompProfile:
- description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows."
+ description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows."
properties:
localhostProfile:
- description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type."
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
type: "string"
type:
- description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
type: "string"
required:
- "type"
type: "object"
supplementalGroups:
- description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows."
+ description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows."
items:
format: "int64"
type: "integer"
type: "array"
sysctls:
- description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows."
+ description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows."
items:
description: "Sysctl defines a kernel parameter to be set"
properties:
@@ -2780,19 +2797,19 @@ spec:
type: "object"
type: "array"
windowsOptions:
- description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux."
+ description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
properties:
gmsaCredentialSpec:
- description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field."
+ description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
type: "string"
gmsaCredentialSpecName:
description: "GMSACredentialSpecName is the name of the GMSA credential spec to use."
type: "string"
hostProcess:
- description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true."
+ description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
type: "boolean"
runAsUserName:
- description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
+ description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
type: "string"
type: "object"
type: "object"
@@ -2806,21 +2823,21 @@ spec:
description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology."
properties:
labelSelector:
- description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain."
+ description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values."
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
properties:
key:
description: "key is the label key that the selector applies to."
type: "string"
operator:
- description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist."
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
type: "string"
values:
- description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch."
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
items:
type: "string"
type: "array"
@@ -2832,34 +2849,35 @@ spec:
matchLabels:
additionalProperties:
type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
type: "object"
type: "object"
+ x-kubernetes-map-type: "atomic"
matchLabelKeys:
- description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
+ description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
items:
type: "string"
type: "array"
x-kubernetes-list-type: "atomic"
maxSkew:
- description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed."
+ description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed."
format: "int32"
type: "integer"
minDomains:
- description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
+ description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
format: "int32"
type: "integer"
nodeAffinityPolicy:
- description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
+ description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
type: "string"
nodeTaintsPolicy:
- description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
+ description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
type: "string"
topologyKey:
- description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field."
+ description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field."
type: "string"
whenUnsatisfiable:
- description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field."
+ description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field."
type: "string"
required:
- "maxSkew"
@@ -2873,20 +2891,20 @@ spec:
description: "Volume represents a named volume in a pod that may be accessed by any container in the pod."
properties:
awsElasticBlockStore:
- description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
+ description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
properties:
fsType:
- description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine"
+ description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine"
type: "string"
partition:
- description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)."
+ description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)."
format: "int32"
type: "integer"
readOnly:
- description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
+ description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
type: "boolean"
volumeID:
- description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
+ description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
type: "string"
required:
- "volumeID"
@@ -2904,13 +2922,13 @@ spec:
description: "diskURI is the URI of data disk in the blob storage"
type: "string"
fsType:
- description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
+ description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
type: "string"
kind:
description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared"
type: "string"
readOnly:
- description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
required:
- "diskName"
@@ -2920,7 +2938,7 @@ spec:
description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod."
properties:
readOnly:
- description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
secretName:
description: "secretName is the name of secret that contains Azure Storage Account Name and Key"
@@ -2936,7 +2954,7 @@ spec:
description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime"
properties:
monitors:
- description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
+ description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
items:
type: "string"
type: "array"
@@ -2944,42 +2962,44 @@ spec:
description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /"
type: "string"
readOnly:
- description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
+ description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
type: "boolean"
secretFile:
- description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
+ description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
type: "string"
secretRef:
- description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
+ description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
user:
- description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
+ description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
type: "string"
required:
- "monitors"
type: "object"
cinder:
- description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md"
+ description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
properties:
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md"
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
type: "string"
readOnly:
- description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md"
+ description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
type: "boolean"
secretRef:
- description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack."
+ description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
volumeID:
- description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md"
+ description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
type: "string"
required:
- "volumeID"
@@ -2988,11 +3008,11 @@ spec:
description: "configMap represents a configMap that should populate this volume"
properties:
defaultMode:
- description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
items:
- description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'."
+ description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
items:
description: "Maps a string key to a path within a volume."
properties:
@@ -3000,11 +3020,11 @@ spec:
description: "key is the key to project."
type: "string"
mode:
- description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
- description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."
+ description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
type: "string"
required:
- "key"
@@ -3012,35 +3032,37 @@ spec:
type: "object"
type: "array"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "optional specify whether the ConfigMap or its keys must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
csi:
description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)."
properties:
driver:
- description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster."
+ description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster."
type: "string"
fsType:
- description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply."
+ description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply."
type: "string"
nodePublishSecretRef:
- description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed."
+ description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
readOnly:
- description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)."
+ description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)."
type: "boolean"
volumeAttributes:
additionalProperties:
type: "string"
- description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values."
+ description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values."
type: "object"
required:
- "driver"
@@ -3049,7 +3071,7 @@ spec:
description: "downwardAPI represents downward API about the pod that should populate this volume"
properties:
defaultMode:
- description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
items:
@@ -3069,15 +3091,16 @@ spec:
required:
- "fieldPath"
type: "object"
+ x-kubernetes-map-type: "atomic"
mode:
- description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'"
type: "string"
resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
+ description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
properties:
containerName:
description: "Container name: required for volumes, optional for env vars"
@@ -3095,47 +3118,48 @@ spec:
required:
- "resource"
type: "object"
+ x-kubernetes-map-type: "atomic"
required:
- "path"
type: "object"
type: "array"
type: "object"
emptyDir:
- description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
+ description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
properties:
medium:
- description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
+ description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
type: "string"
sizeLimit:
anyOf:
- type: "integer"
- type: "string"
- description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
+ description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
type: "object"
ephemeral:
- description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time."
+ description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time."
properties:
volumeClaimTemplate:
- description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
+ description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil."
properties:
metadata:
- description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation."
+ description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation."
type: "object"
spec:
- description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here."
+ description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here."
properties:
accessModes:
- description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1"
+ description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1"
items:
type: "string"
type: "array"
dataSource:
- description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource."
+ description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource."
properties:
apiGroup:
- description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required."
+ description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required."
type: "string"
kind:
description: "Kind is the type of resource being referenced"
@@ -3147,11 +3171,12 @@ spec:
- "kind"
- "name"
type: "object"
+ x-kubernetes-map-type: "atomic"
dataSourceRef:
- description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
+ description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
properties:
apiGroup:
- description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required."
+ description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required."
type: "string"
kind:
description: "Kind is the type of resource being referenced"
@@ -3160,14 +3185,14 @@ spec:
description: "Name is the name of resource being referenced"
type: "string"
namespace:
- description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
+ description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
type: "string"
required:
- "kind"
- "name"
type: "object"
resources:
- description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
+ description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
limits:
additionalProperties:
@@ -3176,7 +3201,7 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
requests:
additionalProperties:
@@ -3185,7 +3210,7 @@ spec:
- type: "string"
pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
x-kubernetes-int-or-string: true
- description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
+ description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: "object"
type: "object"
selector:
@@ -3194,16 +3219,16 @@ spec:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values."
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
properties:
key:
description: "key is the label key that the selector applies to."
type: "string"
operator:
- description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist."
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
type: "string"
values:
- description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch."
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
items:
type: "string"
type: "array"
@@ -3215,17 +3240,18 @@ spec:
matchLabels:
additionalProperties:
type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
type: "object"
type: "object"
+ x-kubernetes-map-type: "atomic"
storageClassName:
- description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
+ description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
volumeAttributesClassName:
- description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
type: "string"
volumeMode:
- description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec."
+ description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
volumeName:
description: "volumeName is the binding reference to the PersistentVolume backing this claim."
@@ -3239,14 +3265,14 @@ spec:
description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod."
properties:
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine"
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine"
type: "string"
lun:
description: "lun is Optional: FC target lun number"
format: "int32"
type: "integer"
readOnly:
- description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
targetWWNs:
description: "targetWWNs is Optional: FC target worldwide names (WWNs)"
@@ -3254,19 +3280,19 @@ spec:
type: "string"
type: "array"
wwids:
- description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously."
+ description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously."
items:
type: "string"
type: "array"
type: "object"
flexVolume:
- description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin."
+ description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin."
properties:
driver:
description: "driver is the name of the driver to use for this volume."
type: "string"
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script."
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script."
type: "string"
options:
additionalProperties:
@@ -3274,15 +3300,16 @@ spec:
description: "options is Optional: this field holds extra command options if any."
type: "object"
readOnly:
- description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
secretRef:
- description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts."
+ description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
required:
- "driver"
type: "object"
@@ -3290,36 +3317,36 @@ spec:
description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running"
properties:
datasetName:
- description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated"
+ description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated"
type: "string"
datasetUUID:
description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset"
type: "string"
type: "object"
gcePersistentDisk:
- description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
+ description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
properties:
fsType:
- description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine"
+ description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine"
type: "string"
partition:
- description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
+ description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
format: "int32"
type: "integer"
pdName:
- description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
+ description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
type: "string"
readOnly:
- description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
+ description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
type: "boolean"
required:
- "pdName"
type: "object"
gitRepo:
- description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container."
+ description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container."
properties:
directory:
- description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name."
+ description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name."
type: "string"
repository:
description: "repository is the URL"
@@ -3331,35 +3358,35 @@ spec:
- "repository"
type: "object"
glusterfs:
- description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md"
+ description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md"
properties:
endpoints:
- description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
+ description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
type: "string"
path:
- description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
+ description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
type: "string"
readOnly:
- description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
+ description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
type: "boolean"
required:
- "endpoints"
- "path"
type: "object"
hostPath:
- description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write."
+ description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write."
properties:
path:
- description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
+ description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
type: "string"
type:
- description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
+ description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
type: "string"
required:
- "path"
type: "object"
iscsi:
- description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md"
+ description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md"
properties:
chapAuthDiscovery:
description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication"
@@ -3368,38 +3395,39 @@ spec:
description: "chapAuthSession defines whether support iSCSI Session CHAP authentication"
type: "boolean"
fsType:
- description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine"
+ description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine"
type: "string"
initiatorName:
- description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection."
+ description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection."
type: "string"
iqn:
description: "iqn is the target iSCSI Qualified Name."
type: "string"
iscsiInterface:
- description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)."
+ description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)."
type: "string"
lun:
description: "lun represents iSCSI Target Lun number."
format: "int32"
type: "integer"
portals:
- description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)."
+ description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)."
items:
type: "string"
type: "array"
readOnly:
- description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false."
+ description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false."
type: "boolean"
secretRef:
description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
targetPortal:
- description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)."
+ description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)."
type: "string"
required:
- "iqn"
@@ -3407,32 +3435,32 @@ spec:
- "targetPortal"
type: "object"
name:
- description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
+ description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
type: "string"
nfs:
- description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
+ description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
properties:
path:
- description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
+ description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
type: "string"
readOnly:
- description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
+ description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
type: "boolean"
server:
- description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
+ description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
type: "string"
required:
- "path"
- "server"
type: "object"
persistentVolumeClaim:
- description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
+ description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
properties:
claimName:
- description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
+ description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
type: "string"
readOnly:
- description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false."
+ description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false."
type: "boolean"
required:
- "claimName"
@@ -3441,7 +3469,7 @@ spec:
description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine"
properties:
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
type: "string"
pdID:
description: "pdID is the ID that identifies Photon Controller persistent disk"
@@ -3453,10 +3481,10 @@ spec:
description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine"
properties:
fsType:
- description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified."
+ description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified."
type: "string"
readOnly:
- description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
volumeID:
description: "volumeID uniquely identifies a Portworx volume"
@@ -3468,7 +3496,7 @@ spec:
description: "projected items for all in one resources secrets, configmaps, and downward API"
properties:
defaultMode:
- description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
sources:
@@ -3477,24 +3505,24 @@ spec:
description: "Projection that may be projected along with other supported volume types"
properties:
clusterTrustBundle:
- description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. \n Alpha, gated by the ClusterTrustBundleProjection feature gate. \n ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. \n Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time."
+ description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time."
properties:
labelSelector:
- description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\"."
+ description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values."
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
properties:
key:
description: "key is the label key that the selector applies to."
type: "string"
operator:
- description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist."
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
type: "string"
values:
- description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch."
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
items:
type: "string"
type: "array"
@@ -3506,20 +3534,21 @@ spec:
matchLabels:
additionalProperties:
type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
type: "object"
type: "object"
+ x-kubernetes-map-type: "atomic"
name:
- description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector."
+ description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector."
type: "string"
optional:
- description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles."
+ description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles."
type: "boolean"
path:
description: "Relative path from the volume root to write the bundle."
type: "string"
signerName:
- description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated."
+ description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated."
type: "string"
required:
- "path"
@@ -3528,7 +3557,7 @@ spec:
description: "configMap information about the configMap data to project"
properties:
items:
- description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'."
+ description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
items:
description: "Maps a string key to a path within a volume."
properties:
@@ -3536,11 +3565,11 @@ spec:
description: "key is the key to project."
type: "string"
mode:
- description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
- description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."
+ description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
type: "string"
required:
- "key"
@@ -3548,12 +3577,13 @@ spec:
type: "object"
type: "array"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "optional specify whether the ConfigMap or its keys must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
downwardAPI:
description: "downwardAPI information about the downwardAPI data to project"
properties:
@@ -3574,15 +3604,16 @@ spec:
required:
- "fieldPath"
type: "object"
+ x-kubernetes-map-type: "atomic"
mode:
- description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'"
type: "string"
resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
+ description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
properties:
containerName:
description: "Container name: required for volumes, optional for env vars"
@@ -3600,6 +3631,7 @@ spec:
required:
- "resource"
type: "object"
+ x-kubernetes-map-type: "atomic"
required:
- "path"
type: "object"
@@ -3609,7 +3641,7 @@ spec:
description: "secret information about the secret data to project"
properties:
items:
- description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'."
+ description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
items:
description: "Maps a string key to a path within a volume."
properties:
@@ -3617,11 +3649,11 @@ spec:
description: "key is the key to project."
type: "string"
mode:
- description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
- description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."
+ description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
type: "string"
required:
- "key"
@@ -3629,24 +3661,25 @@ spec:
type: "object"
type: "array"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
optional:
description: "optional field specify whether the Secret or its key must be defined"
type: "boolean"
type: "object"
+ x-kubernetes-map-type: "atomic"
serviceAccountToken:
description: "serviceAccountToken is information about the serviceAccountToken data to project"
properties:
audience:
- description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver."
+ description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver."
type: "string"
expirationSeconds:
- description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes."
+ description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes."
format: "int64"
type: "integer"
path:
- description: "path is the path relative to the mount point of the file to project the token into."
+ description: "path is the path relative to the mount point of the file to project the\ntoken into."
type: "string"
required:
- "path"
@@ -3658,19 +3691,19 @@ spec:
description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime"
properties:
group:
- description: "group to map volume access to Default is no group"
+ description: "group to map volume access to\nDefault is no group"
type: "string"
readOnly:
- description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false."
+ description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false."
type: "boolean"
registry:
- description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes"
+ description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes"
type: "string"
tenant:
- description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin"
+ description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin"
type: "string"
user:
- description: "user to map volume access to Defaults to serivceaccount user"
+ description: "user to map volume access to\nDefaults to serivceaccount user"
type: "string"
volume:
description: "volume is a string that references an already created Quobyte volume by name."
@@ -3680,37 +3713,38 @@ spec:
- "volume"
type: "object"
rbd:
- description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md"
+ description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md"
properties:
fsType:
- description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine"
+ description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine"
type: "string"
image:
- description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
type: "string"
keyring:
- description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
type: "string"
monitors:
- description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
items:
type: "string"
type: "array"
pool:
- description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
type: "string"
readOnly:
- description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
type: "boolean"
secretRef:
- description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
user:
- description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
+ description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
type: "string"
required:
- "image"
@@ -3720,7 +3754,7 @@ spec:
description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes."
properties:
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"."
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"."
type: "string"
gateway:
description: "gateway is the host address of the ScaleIO API Gateway."
@@ -3729,20 +3763,21 @@ spec:
description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage."
type: "string"
readOnly:
- description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
secretRef:
- description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail."
+ description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
sslEnabled:
description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false"
type: "boolean"
storageMode:
- description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned."
+ description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned."
type: "string"
storagePool:
description: "storagePool is the ScaleIO Storage Pool associated with the protection domain."
@@ -3751,7 +3786,7 @@ spec:
description: "system is the name of the storage system as configured in ScaleIO."
type: "string"
volumeName:
- description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source."
+ description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source."
type: "string"
required:
- "gateway"
@@ -3759,14 +3794,14 @@ spec:
- "system"
type: "object"
secret:
- description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
+ description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
properties:
defaultMode:
- description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
items:
- description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'."
+ description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
items:
description: "Maps a string key to a path within a volume."
properties:
@@ -3774,11 +3809,11 @@ spec:
description: "key is the key to project."
type: "string"
mode:
- description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."
+ description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
format: "int32"
type: "integer"
path:
- description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."
+ description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
type: "string"
required:
- "key"
@@ -3789,37 +3824,38 @@ spec:
description: "optional field specify whether the Secret or its keys must be defined"
type: "boolean"
secretName:
- description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
+ description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
type: "string"
type: "object"
storageos:
description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes."
properties:
fsType:
- description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
+ description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
type: "string"
readOnly:
- description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts."
+ description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
type: "boolean"
secretRef:
- description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted."
+ description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
volumeName:
- description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace."
+ description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace."
type: "string"
volumeNamespace:
- description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created."
+ description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created."
type: "string"
type: "object"
vsphereVolume:
description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine"
properties:
fsType:
- description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
+ description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
type: "string"
storagePolicyID:
description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName."
@@ -3865,7 +3901,7 @@ spec:
description: "The configuration of Affinity trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -3880,7 +3916,7 @@ spec:
description: "Always co-locates multiple replicas of the integration in the same node (default `false`)."
type: "boolean"
podAffinityLabels:
- description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should be co-located with."
+ description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should be co-located with."
items:
type: "string"
type: "array"
@@ -3888,7 +3924,7 @@ spec:
description: "Never co-locates multiple replicas of the integration in the same node (default `false`)."
type: "boolean"
podAntiAffinityLabels:
- description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should not be co-located with."
+ description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should not be co-located with."
items:
type: "string"
type: "array"
@@ -3902,10 +3938,10 @@ spec:
description: "When using `pod` strategy, annotation to use for the builder pod."
type: "object"
baseImage:
- description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK installed and ready to use on path (ie `/usr/bin/java`)."
+ description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK\ninstalled and ready to use on path (ie `/usr/bin/java`)."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -3915,13 +3951,13 @@ spec:
description: "Use the incremental image build option, to reuse existing containers (default `true`)"
type: "boolean"
limitCPU:
- description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
limitMemory:
- description: "When using `pod` strategy, the maximum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the maximum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
mavenProfiles:
- description: "A list of references pointing to configmaps/secrets that contains a maven profile. This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)."
+ description: "A list of references pointing to configmaps/secrets that contains a maven profile.\nThis configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.\nThe content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)."
items:
type: "string"
type: "array"
@@ -3948,10 +3984,10 @@ spec:
type: "string"
type: "array"
requestCPU:
- description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
requestMemory:
- description: "When using `pod` strategy, the minimum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`."
+ description: "When using `pod` strategy, the minimum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`."
type: "string"
strategy:
description: "The strategy to use, either `pod` or `routine` (default `routine`)"
@@ -3965,7 +4001,7 @@ spec:
type: "string"
type: "array"
tasksFilter:
- description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) if you need to execute them. Useful only with `pod` strategy."
+ description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.\nMind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)\nif you need to execute them. Useful only with `pod` strategy."
type: "string"
tasksLimitCPU:
description: "A list of limit cpu configuration for the specific task with format `:`."
@@ -3988,14 +4024,14 @@ spec:
type: "string"
type: "array"
verbose:
- description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod). Deprecated no longer in use"
+ description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod).\nDeprecated no longer in use"
type: "boolean"
type: "object"
camel:
description: "The configuration of Camel trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4007,7 +4043,7 @@ spec:
type: "string"
type: "array"
runtimeVersion:
- description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. You can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve to the best matching Catalog existing on the cluster."
+ description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster."
type: "string"
type: "object"
container:
@@ -4032,7 +4068,7 @@ spec:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4042,7 +4078,7 @@ spec:
description: "Can be used to enable/disable exposure via kubernetes Service."
type: "boolean"
image:
- description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit."
+ description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which\nwon't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead\nIntegration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit."
type: "string"
imagePullPolicy:
description: "The pull policy: Always|Never|IfNotPresent"
@@ -4096,41 +4132,41 @@ spec:
description: "The configuration of Cron trait"
properties:
activeDeadlineSeconds:
- description: "Specifies the duration in seconds, relative to the start time, that the job may be continuously active before it is considered to be failed. It defaults to 60s."
+ description: "Specifies the duration in seconds, relative to the start time, that the job\nmay be continuously active before it is considered to be failed.\nIt defaults to 60s."
format: "int64"
type: "integer"
auto:
- description: "Automatically deploy the integration as CronJob when all routes are either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). \n It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, while `35m` or `50s` cannot)."
+ description: "Automatically deploy the integration as CronJob when all routes are\neither starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).\n\n\nIt's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,\nwhile `35m` or `50s` cannot)."
type: "boolean"
backoffLimit:
- description: "Specifies the number of retries before marking the job failed. It defaults to 2."
+ description: "Specifies the number of retries before marking the job failed.\nIt defaults to 2."
format: "int32"
type: "integer"
components:
- description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is activated (it's present in the `org.apache.camel.k:camel-k-cron` library). \n Supported components are currently: `cron`, `timer` and `quartz`."
+ description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.\nA specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is\nactivated (it's present in the `org.apache.camel.k:camel-k-cron` library).\n\n\nSupported components are currently: `cron`, `timer` and `quartz`."
type: "string"
concurrencyPolicy:
- description: "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\": allows CronJobs to run concurrently; - \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one"
+ description: "Specifies how to treat concurrent executions of a Job.\nValid values are:\n- \"Allow\": allows CronJobs to run concurrently;\n- \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;\n- \"Replace\": cancels currently running job and replaces it with a new one"
enum:
- "Allow"
- "Forbid"
- "Replace"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
fallback:
- description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration as Kubernetes CronJob."
+ description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration\nas Kubernetes CronJob."
type: "boolean"
schedule:
- description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this mechanism to work correctly."
+ description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this\nmechanism to work correctly."
type: "string"
startingDeadlineSeconds:
- description: "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones."
+ description: "Optional deadline in seconds for starting the job if it misses scheduled\ntime for any reason. Missed jobs executions will be counted as failed ones."
format: "int64"
type: "integer"
timeZone:
@@ -4141,7 +4177,7 @@ spec:
description: "The configuration of Dependencies trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4152,7 +4188,7 @@ spec:
description: "The configuration of Deployer trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4166,34 +4202,34 @@ spec:
- "knative-service"
type: "string"
useSSA:
- description: "Use server-side apply to update the owned resources (default `true`). Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters."
+ description: "Use server-side apply to update the owned resources (default `true`).\nNote that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters."
type: "boolean"
type: "object"
deployment:
description: "The configuration of Deployment trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Deprecated: no longer in use."
type: "boolean"
progressDeadlineSeconds:
- description: "The maximum time in seconds for the deployment to make progress before it is considered to be failed. It defaults to `60s`."
+ description: "The maximum time in seconds for the deployment to make progress before it\nis considered to be failed. It defaults to `60s`."
format: "int32"
type: "integer"
rollingUpdateMaxSurge:
anyOf:
- type: "integer"
- type: "string"
- description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to `25%`."
+ description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to `25%`."
x-kubernetes-int-or-string: true
rollingUpdateMaxUnavailable:
anyOf:
- type: "integer"
- type: "string"
- description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to `25%`."
+ description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to `25%`."
x-kubernetes-int-or-string: true
strategy:
description: "The deployment strategy to use to replace existing pods with new ones."
@@ -4206,7 +4242,7 @@ spec:
description: "The configuration of Environment trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
containerMeta:
@@ -4219,7 +4255,7 @@ spec:
description: "Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and `NO_PROXY` environment variables (default `true`)"
type: "boolean"
vars:
- description: "A list of environment variables to be added to the integration container. The syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`. These take precedence over the previously defined environment variables."
+ description: "A list of environment variables to be added to the integration container.\nThe syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`.\nThese take precedence over the previously defined environment variables."
items:
type: "string"
type: "array"
@@ -4228,7 +4264,7 @@ spec:
description: "The configuration of Error Handler trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4242,11 +4278,11 @@ spec:
description: "The configuration of GC trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
discoveryCache:
- description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). Deprecated: to be removed from trait configuration."
+ description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration."
enum:
- "disabled"
- "disk"
@@ -4260,7 +4296,7 @@ spec:
description: "The configuration of Health trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4360,13 +4396,13 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to the ingress. This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md"
+ description: "The annotations added to the ingress.\nThis can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:\nSee https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md"
type: "object"
auto:
description: "To automatically add an ingress whenever the integration uses an HTTP endpoint consumer."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4379,7 +4415,7 @@ spec:
description: "To configure the path exposed by the ingress (default `/`)."
type: "string"
pathType:
- description: "To configure the path type exposed by the ingress. One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)."
+ description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)."
enum:
- "Exact"
- "Prefix"
@@ -4401,7 +4437,7 @@ spec:
description: "Configures a (comma-separated) list of CIDR subnets that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by default)."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4415,15 +4451,15 @@ spec:
description: "The configuration of Jolokia trait"
properties:
CACert:
- description: "The PEM encoded CA certification file path, used to verify client certificates, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)."
+ description: "The PEM encoded CA certification file path, used to verify client certificates,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)."
type: "string"
clientPrincipal:
- description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)."
+ description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)."
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
discoveryEnabled:
@@ -4433,13 +4469,13 @@ spec:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
extendedClientCheck:
- description: "Mandate the client certificate contains a client flag in the extended key usage section, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `true` for OpenShift)."
+ description: "Mandate the client certificate contains a client flag in the extended key usage section,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `true` for OpenShift)."
type: "boolean"
host:
- description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given, the servers binds to every network interface (default `\"*\"`)."
+ description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given,\nthe servers binds to every network interface (default `\"*\"`)."
type: "string"
options:
- description: "A list of additional Jolokia options as defined in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]"
+ description: "A list of additional Jolokia options as defined\nin https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]"
items:
type: "string"
type: "array"
@@ -4466,7 +4502,7 @@ spec:
description: "Additional JVM classpath (use `Linux` classpath separator)"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
debug:
@@ -4490,7 +4526,7 @@ spec:
type: "string"
type: "array"
printCommand:
- description: "Prints the command used the start the JVM in the container logs (default `true`) Deprecated: no longer in use."
+ description: "Prints the command used the start the JVM in the container logs (default `true`)\nDeprecated: no longer in use."
type: "boolean"
type: "object"
kamelets:
@@ -4500,7 +4536,7 @@ spec:
description: "Automatically inject all referenced Kamelets and their default configuration (enabled by default)"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4530,12 +4566,12 @@ spec:
description: "Enable automatic discovery of all trait properties."
type: "boolean"
channelSinks:
- description: "List of channels used as destination of integration routes. Can contain simple channel names or full Camel URIs."
+ description: "List of channels used as destination of integration routes.\nCan contain simple channel names or full Camel URIs."
items:
type: "string"
type: "array"
channelSources:
- description: "List of channels used as source of integration routes. Can contain simple channel names or full Camel URIs."
+ description: "List of channels used as source of integration routes.\nCan contain simple channel names or full Camel URIs."
items:
type: "string"
type: "array"
@@ -4543,14 +4579,14 @@ spec:
description: "Can be used to inject a Knative complete configuration in JSON format."
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
endpointSinks:
- description: "List of endpoints used as destination of integration routes. Can contain simple endpoint names or full Camel URIs."
+ description: "List of endpoints used as destination of integration routes.\nCan contain simple endpoint names or full Camel URIs."
items:
type: "string"
type: "array"
@@ -4560,31 +4596,31 @@ spec:
type: "string"
type: "array"
eventSinks:
- description: "List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker)."
+ description: "List of event types that the integration will produce.\nCan contain simple event types or full Camel URIs (to use a specific broker)."
items:
type: "string"
type: "array"
eventSources:
- description: "List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from \"default\")."
+ description: "List of event types that the integration will be subscribed to.\nCan contain simple event types or full Camel URIs (to use a specific broker different from \"default\")."
items:
type: "string"
type: "array"
filterEventType:
- description: "Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)"
+ description: "Enables the default filtering for the Knative trigger using the event type\nIf this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)"
type: "boolean"
filterSourceChannels:
- description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of Knative, filtering is disabled by default."
+ description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of\nKnative, filtering is disabled by default."
type: "boolean"
filters:
- description: "Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., `source=\"my.source\"`. Filter attributes get set on the Knative trigger that is being created as part of this integration."
+ description: "Sets filter attributes on the event stream (such as event type, source, subject and so on).\nA list of key-value pairs that represent filter attributes and its values.\nThe syntax is KEY=VALUE, e.g., `source=\"my.source\"`.\nFilter attributes get set on the Knative trigger that is being created as part of this integration."
items:
type: "string"
type: "array"
namespaceLabel:
- description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)"
+ description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace\nAs Knative requires this label to perform injection of K_SINK URL into the service.\nIf this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)"
type: "boolean"
sinkBinding:
- description: "Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source)."
+ description: "Allows binding the integration to a sink via a Knative SinkBinding resource.\nThis can be used when the integration targets a single sink.\nIt's enabled by default when the integration targets a single sink\n(except when the integration is owned by a Knative source)."
type: "boolean"
type: "object"
knative-service:
@@ -4593,45 +4629,45 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to route. This can be used to set knative service specific annotations CLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\""
+ description: "The annotations added to route.\nThis can be used to set knative service specific annotations\nCLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\""
type: "object"
auto:
- description: "Automatically deploy the integration as Knative service when all conditions hold: \n * Integration is using the Knative profile * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)"
+ description: "Automatically deploy the integration as Knative service when all conditions hold:\n\n\n* Integration is using the Knative profile\n* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)"
type: "boolean"
autoscalingMetric:
- description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). \n Refer to the Knative documentation for more information."
+ description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).\n\n\nRefer to the Knative documentation for more information."
type: "string"
autoscalingTarget:
- description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. \n Refer to the Knative documentation for more information."
+ description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
class:
- description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). \n Refer to the Knative documentation for more information."
+ description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).\n\n\nRefer to the Knative documentation for more information."
enum:
- "kpa.autoscaling.knative.dev"
- "hpa.autoscaling.knative.dev"
type: "string"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
maxScale:
- description: "An upper bound for the number of Pods that can be running in parallel for the integration. Knative has its own cap value that depends on the installation. \n Refer to the Knative documentation for more information."
+ description: "An upper bound for the number of Pods that can be running in parallel for the integration.\nKnative has its own cap value that depends on the installation.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
minScale:
- description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that the integration is scaled down to zero when not used for a configured amount of time. \n Refer to the Knative documentation for more information."
+ description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that\nthe integration is scaled down to zero when not used for a configured amount of time.\n\n\nRefer to the Knative documentation for more information."
type: "integer"
rolloutDuration:
- description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration. It's disabled by default and must be expressed as a Golang `time.Duration` string representation, rounded to a second precision."
+ description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration.\nIt's disabled by default and must be expressed as a Golang `time.Duration` string representation,\nrounded to a second precision."
type: "string"
timeoutSeconds:
- description: "The maximum duration in seconds that the request instance is allowed to respond to a request. This field propagates to the integration pod's terminationGracePeriodSeconds \n Refer to the Knative documentation for more information."
+ description: "The maximum duration in seconds that the request instance is allowed to respond to a request.\nThis field propagates to the integration pod's terminationGracePeriodSeconds\n\n\nRefer to the Knative documentation for more information."
format: "int64"
type: "integer"
visibility:
- description: "Setting `cluster-local`, Knative service becomes a private service. Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. \n Refer to the Knative documentation for more information."
+ description: "Setting `cluster-local`, Knative service becomes a private service.\nSpecifically, this option applies the `networking.knative.dev/visibility` label to Knative service.\n\n\nRefer to the Knative documentation for more information."
enum:
- "cluster-local"
type: "string"
@@ -4643,7 +4679,7 @@ spec:
description: "Colorize the log output"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4682,12 +4718,12 @@ spec:
description: "The configuration of Mount trait"
properties:
configs:
- description: "A list of configuration pointing to configmap/secret. The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. They are also made available on the classpath in order to ease their usage directly from the Route. Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered"
+ description: "A list of configuration pointing to configmap/secret.\nThe configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.\nThey are also made available on the classpath in order to ease their usage directly from the Route.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered"
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
emptyDirs:
@@ -4699,15 +4735,15 @@ spec:
description: "Deprecated: no longer in use."
type: "boolean"
hotReload:
- description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for changes in metadata."
+ description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be\nmarked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for\nchanges in metadata."
type: "boolean"
resources:
- description: "A list of resources (text or binary content) pointing to configmap/secret. The resources are expected to be any resource type (text or binary content). The destination path can be either a default location or any path specified by the user. Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path"
+ description: "A list of resources (text or binary content) pointing to configmap/secret.\nThe resources are expected to be any resource type (text or binary content).\nThe destination path can be either a default location or any path specified by the user.\nSyntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path"
items:
type: "string"
type: "array"
scanKameletsImplicitLabelSecrets:
- description: "Deprecated: include your properties in an explicit property file backed by a secret. Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`. These secrets are mounted to the application and treated as plain properties file with their key/value list (ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)."
+ description: "Deprecated: include your properties in an explicit property file backed by a secret.\nLet the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.\nThese secrets are mounted to the application and treated as plain properties file with their key/value list\n(ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)."
type: "boolean"
volumes:
description: "A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]"
@@ -4719,12 +4755,12 @@ spec:
description: "The configuration of OpenAPI trait"
properties:
configmaps:
- description: "The configmaps holding the spec of the OpenAPI"
+ description: "The configmaps holding the spec of the OpenAPI (compatible with > 3.0 spec only)."
items:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4735,7 +4771,7 @@ spec:
description: "The configuration of Owner trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4756,44 +4792,44 @@ spec:
description: "The configuration of PDB trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
maxUnavailable:
- description: "The number of pods for the Integration that can be unavailable after an eviction. It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). Only one of `max-unavailable` and `min-available` can be specified."
+ description: "The number of pods for the Integration that can be unavailable after an eviction.\nIt can be either an absolute number or a percentage (default `1` if `min-available` is also not set).\nOnly one of `max-unavailable` and `min-available` can be specified."
type: "string"
minAvailable:
- description: "The number of pods for the Integration that must still be available after an eviction. It can be either an absolute number or a percentage. Only one of `min-available` and `max-unavailable` can be specified."
+ description: "The number of pods for the Integration that must still be available after an eviction.\nIt can be either an absolute number or a percentage.\nOnly one of `min-available` and `max-unavailable` can be specified."
type: "string"
type: "object"
platform:
description: "The configuration of Platform trait"
properties:
auto:
- description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
createDefault:
- description: "To create a default (empty) platform when the platform is missing. Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "To create a default (empty) platform when the platform is missing.\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
enabled:
description: "Deprecated: no longer in use."
type: "boolean"
global:
- description: "Indicates if the platform should be created globally in the case of global operator (default true). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
+ description: "Indicates if the platform should be created globally in the case of global operator (default true).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility"
type: "boolean"
type: "object"
pod:
description: "The configuration of Pod trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4804,7 +4840,7 @@ spec:
description: "The configuration of Prometheus trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4826,7 +4862,7 @@ spec:
description: "Automatically configures the platform registry secret on the pod if it is of type `kubernetes.io/dockerconfigjson`."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4843,7 +4879,7 @@ spec:
description: "The configuration of Quarkus trait"
properties:
buildMode:
- description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`). In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, with the `native` kit having precedence over the `jvm` one once ready."
+ description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`).\nIn case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,\nwith the `native` kit having precedence over the `jvm` one once ready."
items:
description: "QuarkusMode is the type of Quarkus build packaging."
enum:
@@ -4852,7 +4888,7 @@ spec:
type: "string"
type: "array"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4865,9 +4901,9 @@ spec:
description: "The image containing the tooling required for a native build (by default it will use the one provided in the runtime catalog)"
type: "string"
packageTypes:
- description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, with the native kit having precedence over the `fast-jar` one once ready. The order influences the resolution of the current kit for the integration. The kit corresponding to the first package type will be assigned to the integration in case no existing kit that matches the integration exists. Deprecated: use `build-mode` instead."
+ description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).\nIn case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,\nwith the native kit having precedence over the `fast-jar` one once ready.\nThe order influences the resolution of the current kit for the integration.\nThe kit corresponding to the first package type will be assigned to the\nintegration in case no existing kit that matches the integration exists.\nDeprecated: use `build-mode` instead."
items:
- description: "QuarkusPackageType is the type of Quarkus build packaging. Deprecated: use `QuarkusMode` instead."
+ description: "QuarkusPackageType is the type of Quarkus build packaging.\nDeprecated: use `QuarkusMode` instead."
enum:
- "fast-jar"
- "native"
@@ -4875,10 +4911,10 @@ spec:
type: "array"
type: "object"
registry:
- description: "The configuration of Registry trait Deprecated: use jvm trait or read documentation."
+ description: "The configuration of Registry trait (support removed since version 2.5.0).\nDeprecated: use jvm trait or read documentation."
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4891,10 +4927,10 @@ spec:
annotations:
additionalProperties:
type: "string"
- description: "The annotations added to route. This can be used to set route specific annotations For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations CLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\""
+ description: "The annotations added to route.\nThis can be used to set route specific annotations\nFor annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations\nCLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\""
type: "object"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4904,38 +4940,38 @@ spec:
description: "To configure the host exposed by the route."
type: "string"
tlsCACertificate:
- description: "The TLS CA certificate contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS CA certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCACertificateSecret:
- description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCertificate:
- description: "The TLS certificate contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsCertificateSecret:
- description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsDestinationCACertificate:
- description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. \n Refer to the OpenShift route documentation for additional information."
+ description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsDestinationCACertificateSecret:
- description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsInsecureEdgeTerminationPolicy:
- description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. \n Refer to the OpenShift route documentation for additional information."
+ description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.\n\n\nRefer to the OpenShift route documentation for additional information."
enum:
- "None"
- "Allow"
- "Redirect"
type: "string"
tlsKey:
- description: "The TLS certificate key contents. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS certificate key contents.\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsKeySecret:
- description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information."
+ description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information."
type: "string"
tlsTermination:
- description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`. \n Refer to the OpenShift route documentation for additional information."
+ description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`.\n\n\nRefer to the OpenShift route documentation for additional information."
enum:
- "edge"
- "reencrypt"
@@ -4946,7 +4982,7 @@ spec:
description: "The configuration of Security Context trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -4973,14 +5009,14 @@ spec:
description: "To automatically detect from the code if a Service needs to be created."
type: "boolean"
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
description: "Can be used to enable or disable a trait. All traits share this common property."
type: "boolean"
nodePort:
- description: "Enable Service to be exposed as NodePort (default `false`). Deprecated: Use service type instead."
+ description: "Enable Service to be exposed as NodePort (default `false`).\nDeprecated: Use service type instead."
type: "boolean"
type:
description: "The type of service to be used, either 'ClusterIP', 'NodePort' or 'LoadBalancer'."
@@ -4994,7 +5030,7 @@ spec:
description: "The configuration of Service Binding trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -5020,7 +5056,7 @@ spec:
description: "The configuration of Toleration trait"
properties:
configuration:
- description: "Legacy trait configuration parameters. Deprecated: for backward compatibility."
+ description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility."
type: "object"
x-kubernetes-preserve-unknown-fields: true
enabled:
@@ -5078,27 +5114,28 @@ spec:
description: "API version of the referent."
type: "string"
fieldPath:
- description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future."
+ description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future."
type: "string"
kind:
- description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
type: "string"
namespace:
- description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
+ description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
type: "string"
resourceVersion:
- description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
+ description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
type: "string"
uid:
- description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
+ description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
types:
additionalProperties:
- description: "EventTypeSpec represents a specification for an event type. Deprecated: In favor of using DataTypeSpec."
+ description: "EventTypeSpec represents a specification for an event type.\nDeprecated: In favor of using DataTypeSpec."
properties:
mediaType:
description: "media type as expected for HTTP media types (ie, application/json)"
@@ -5112,7 +5149,7 @@ spec:
description:
type: "string"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
externalDocs:
description: "ExternalDocumentation allows referencing an external resource for extended documentation."
@@ -5136,18 +5173,18 @@ spec:
type: "string"
enum:
items:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
type: "array"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
exclusiveMaximum:
type: "boolean"
exclusiveMinimum:
type: "boolean"
format:
- description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
+ description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
type: "string"
id:
type: "string"
@@ -5205,7 +5242,7 @@ spec:
type: "string"
type: "object"
type: "object"
- description: "Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification. Deprecated: In favor of using DataTypes"
+ description: "Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification.\nDeprecated: In favor of using DataTypes"
type: "object"
uri:
description: "URI can be used to specify the (Camel) endpoint explicitly"
@@ -5238,27 +5275,28 @@ spec:
description: "API version of the referent."
type: "string"
fieldPath:
- description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future."
+ description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future."
type: "string"
kind:
- description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
type: "string"
namespace:
- description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
+ description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
type: "string"
resourceVersion:
- description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
+ description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
type: "string"
uid:
- description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
+ description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
types:
additionalProperties:
- description: "EventTypeSpec represents a specification for an event type. Deprecated: In favor of using DataTypeSpec."
+ description: "EventTypeSpec represents a specification for an event type.\nDeprecated: In favor of using DataTypeSpec."
properties:
mediaType:
description: "media type as expected for HTTP media types (ie, application/json)"
@@ -5272,7 +5310,7 @@ spec:
description:
type: "string"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
externalDocs:
description: "ExternalDocumentation allows referencing an external resource for extended documentation."
@@ -5296,18 +5334,18 @@ spec:
type: "string"
enum:
items:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
type: "array"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
exclusiveMaximum:
type: "boolean"
exclusiveMinimum:
type: "boolean"
format:
- description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
+ description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
type: "string"
id:
type: "string"
@@ -5365,7 +5403,7 @@ spec:
type: "string"
type: "object"
type: "object"
- description: "Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification. Deprecated: In favor of using DataTypes"
+ description: "Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification.\nDeprecated: In favor of using DataTypes"
type: "object"
uri:
description: "URI can be used to specify the (Camel) endpoint explicitly"
@@ -5400,27 +5438,28 @@ spec:
description: "API version of the referent."
type: "string"
fieldPath:
- description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future."
+ description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future."
type: "string"
kind:
- description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
type: "string"
namespace:
- description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
+ description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/"
type: "string"
resourceVersion:
- description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
+ description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
type: "string"
uid:
- description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
+ description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids"
type: "string"
type: "object"
+ x-kubernetes-map-type: "atomic"
types:
additionalProperties:
- description: "EventTypeSpec represents a specification for an event type. Deprecated: In favor of using DataTypeSpec."
+ description: "EventTypeSpec represents a specification for an event type.\nDeprecated: In favor of using DataTypeSpec."
properties:
mediaType:
description: "media type as expected for HTTP media types (ie, application/json)"
@@ -5434,7 +5473,7 @@ spec:
description:
type: "string"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
externalDocs:
description: "ExternalDocumentation allows referencing an external resource for extended documentation."
@@ -5458,18 +5497,18 @@ spec:
type: "string"
enum:
items:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
type: "array"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
exclusiveMaximum:
type: "boolean"
exclusiveMinimum:
type: "boolean"
format:
- description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
+ description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
type: "string"
id:
type: "string"
@@ -5527,7 +5566,7 @@ spec:
type: "string"
type: "object"
type: "object"
- description: "Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification. Deprecated: In favor of using DataTypes"
+ description: "Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification.\nDeprecated: In favor of using DataTypes"
type: "object"
uri:
description: "URI can be used to specify the (Camel) endpoint explicitly"
@@ -5576,10 +5615,10 @@ spec:
description: "Unique, one-word, CamelCase reason for the condition's last transition."
type: "string"
status:
- description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions"
+ description: "Status is the status of the condition.\nCan be True, False, Unknown.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions"
type: "string"
type:
- description: "Type is the type of the condition. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions"
+ description: "Type is the type of the condition.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions"
type: "string"
required:
- "status"
@@ -5589,7 +5628,7 @@ spec:
items:
properties:
data:
- description: "RawMessage is a raw encoded JSON value. It implements Marshaler and Unmarshaler and can be used to delay JSON decoding or precompute a JSON encoding."
+ description: "RawMessage is a raw encoded JSON value.\nIt implements Marshaler and Unmarshaler and can\nbe used to delay JSON decoding or precompute a JSON encoding."
x-kubernetes-preserve-unknown-fields: true
name:
type: "string"
diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kamelets.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kamelets.yaml
index 210e9e74b..5a7cb2194 100644
--- a/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kamelets.yaml
+++ b/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kamelets.yaml
@@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.6.1"
- labels:
- app: "camel-k"
+ controller-gen.kubebuilder.io/version: "v0.15.0"
name: "kamelets.camel.apache.org"
spec:
group: "camel.apache.org"
@@ -33,10 +31,10 @@ spec:
description: "Kamelet is the Schema for the kamelets API."
properties:
apiVersion:
- description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
+ description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
type: "string"
kind:
- description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
metadata:
type: "object"
@@ -111,7 +109,7 @@ spec:
description:
type: "string"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
externalDocs:
description: "ExternalDocumentation allows referencing an external resource for extended documentation."
@@ -135,18 +133,18 @@ spec:
type: "string"
enum:
items:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
type: "array"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
exclusiveMaximum:
type: "boolean"
exclusiveMinimum:
type: "boolean"
format:
- description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
+ description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
type: "string"
id:
type: "string"
@@ -221,7 +219,7 @@ spec:
description:
type: "string"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
externalDocs:
description: "ExternalDocumentation allows referencing an external resource for extended documentation."
@@ -245,18 +243,18 @@ spec:
type: "string"
enum:
items:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
type: "array"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
exclusiveMaximum:
type: "boolean"
exclusiveMinimum:
type: "boolean"
format:
- description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
+ description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
type: "string"
id:
type: "string"
@@ -342,7 +340,7 @@ spec:
description: "True if the spec is generated from a Kamelet"
type: "boolean"
interceptors:
- description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources"
+ description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources"
items:
type: "string"
type: "array"
@@ -350,7 +348,7 @@ spec:
description: "specify which is the language (Camel DSL) used to interpret this source code"
type: "string"
loader:
- description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime"
+ description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime"
type: "string"
name:
description: "the name of the specification"
@@ -378,7 +376,7 @@ spec:
x-kubernetes-preserve-unknown-fields: true
types:
additionalProperties:
- description: "EventTypeSpec represents a specification for an event type. Deprecated: In favor of using DataTypeSpec."
+ description: "EventTypeSpec represents a specification for an event type.\nDeprecated: In favor of using DataTypeSpec."
properties:
mediaType:
description: "media type as expected for HTTP media types (ie, application/json)"
@@ -392,7 +390,7 @@ spec:
description:
type: "string"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
externalDocs:
description: "ExternalDocumentation allows referencing an external resource for extended documentation."
@@ -416,18 +414,18 @@ spec:
type: "string"
enum:
items:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
type: "array"
example:
- description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
+ description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil."
x-kubernetes-preserve-unknown-fields: true
exclusiveMaximum:
type: "boolean"
exclusiveMinimum:
type: "boolean"
format:
- description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
+ description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339."
type: "string"
id:
type: "string"
@@ -485,7 +483,7 @@ spec:
type: "string"
type: "object"
type: "object"
- description: "data specification types for the events consumed/produced by the Kamelet Deprecated: In favor of using DataTypes"
+ description: "data specification types for the events consumed/produced by the Kamelet\nDeprecated: In favor of using DataTypes"
type: "object"
type: "object"
status:
diff --git a/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinkdeployments.yaml b/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinkdeployments.yaml
index 83cd0aa48..2abe57836 100644
--- a/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinkdeployments.yaml
+++ b/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinkdeployments.yaml
@@ -85,6 +85,15 @@ spec:
type: "integer"
entryClass:
type: "string"
+ flinkStateSnapshotReference:
+ properties:
+ name:
+ type: "string"
+ namespace:
+ type: "string"
+ path:
+ type: "string"
+ type: "object"
initialSavepointPath:
type: "string"
jarURI:
@@ -10136,6 +10145,15 @@ spec:
type: "string"
updateTime:
type: "string"
+ upgradeSnapshotReference:
+ properties:
+ name:
+ type: "string"
+ namespace:
+ type: "string"
+ path:
+ type: "string"
+ type: "object"
type: "object"
lifecycleState:
enum:
diff --git a/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinksessionjobs.yaml b/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinksessionjobs.yaml
index b1e2dc0ab..7b9a1e660 100644
--- a/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinksessionjobs.yaml
+++ b/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinksessionjobs.yaml
@@ -47,6 +47,15 @@ spec:
type: "integer"
entryClass:
type: "string"
+ flinkStateSnapshotReference:
+ properties:
+ name:
+ type: "string"
+ namespace:
+ type: "string"
+ path:
+ type: "string"
+ type: "object"
initialSavepointPath:
type: "string"
jarURI:
@@ -198,6 +207,15 @@ spec:
type: "string"
updateTime:
type: "string"
+ upgradeSnapshotReference:
+ properties:
+ name:
+ type: "string"
+ namespace:
+ type: "string"
+ path:
+ type: "string"
+ type: "object"
type: "object"
lifecycleState:
enum:
diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/backuppolicytemplates.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/backuppolicytemplates.yaml
index 8c90bc8f5..a199619a1 100644
--- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/backuppolicytemplates.yaml
+++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/backuppolicytemplates.yaml
@@ -249,7 +249,7 @@ spec:
description: "Specifies the target information to back up, it will override the target in backup policy."
properties:
account:
- description: "If `backupPolicy.componentDefs` is set, this field is required to specify the system account name.\nThis account must match one listed in `componentDefinition.spec.systemAccounts[*].name`.\nThe corresponding secret created by this account is used to connect to the database.\n\n\nIf `backupPolicy.componentDefRef` (a legacy and deprecated API) is set, the secret defined in\n`clusterDefinition.spec.ConnectionCredential` is used instead."
+ description: "If `backupPolicy.componentDefs` is set, this field is required to specify the system account name.\nThis account must match one listed in `componentDefinition.spec.systemAccounts[*].name`.\nThe corresponding secret created by this account is used to connect to the database."
type: "string"
connectionCredential:
description: "Specifies the connection credential to connect to the target database cluster."
@@ -275,28 +275,46 @@ spec:
required:
- "secretName"
type: "object"
- connectionCredentialKey:
- description: "Specifies the keys of the connection credential secret defined in `clusterDefinition.spec.ConnectionCredential`.\nIt will be ignored when the `account` is set."
- properties:
- hostKey:
- description: "Defines the key of the host in the connection credential secret."
- type: "string"
- passwordKey:
- description: "Represents the key of the password in the connection credential secret.\nIf not specified, the default key \"password\" is used."
- type: "string"
- portKey:
- description: "Indicates map key of the port in the connection credential secret."
- type: "string"
- usernameKey:
- description: "Represents the key of the username in the connection credential secret.\nIf not specified, the default key \"username\" is used."
- type: "string"
- type: "object"
+ fallbackRole:
+ description: "Specifies the fallback role to select one replica for backup, this only takes effect when the\n`strategy` field below is set to `Any`."
+ type: "string"
name:
description: "Specifies a mandatory and unique identifier for each target when using the \"targets\" field.\nThe backup data for the current target is stored in a uniquely named subdirectory."
type: "string"
podSelector:
description: "Used to find the target pod. The volumes of the target pod will be backed up."
properties:
+ fallbackLabelSelector:
+ description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
@@ -463,6 +481,37 @@ spec:
podSelector:
description: "Used to find the target pod. The volumes of the target pod will be backed up."
properties:
+ fallbackLabelSelector:
+ description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
@@ -552,11 +601,6 @@ spec:
- "name"
type: "object"
type: "array"
- componentDefRef:
- description: "Specifies the name of ClusterComponentDefinition defined in the ClusterDefinition.\nMust comply with the IANA Service Naming rule.\n\n\nDeprecated since v0.9, should use `componentDefs` instead.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases."
- maxLength: 22
- pattern: "^[a-z]([a-z0-9\\-]*[a-z0-9])?$"
- type: "string"
componentDefs:
description: "Specifies a list of names of ComponentDefinitions that the specified ClusterDefinition references.\nThey should be different versions of definitions of the same component,\nthus allowing them to share a single BackupPolicy.\nEach name must adhere to the IANA Service Naming rule."
items:
@@ -588,24 +632,11 @@ spec:
description: "Defines the selection criteria of instance to be backed up, and the connection credential to be used\nduring the backup process."
properties:
account:
- description: "If `backupPolicy.componentDefs` is set, this field is required to specify the system account name.\nThis account must match one listed in `componentDefinition.spec.systemAccounts[*].name`.\nThe corresponding secret created by this account is used to connect to the database.\n\n\nIf `backupPolicy.componentDefRef` (a legacy and deprecated API) is set, the secret defined in\n`clusterDefinition.spec.ConnectionCredential` is used instead."
+ description: "If `backupPolicy.componentDefs` is set, this field is required to specify the system account name.\nThis account must match one listed in `componentDefinition.spec.systemAccounts[*].name`.\nThe corresponding secret created by this account is used to connect to the database."
+ type: "string"
+ fallbackRole:
+ description: "Specifies the fallback role to select one replica for backup, this only takes effect when the\n`strategy` field below is set to `Any`."
type: "string"
- connectionCredentialKey:
- description: "Specifies the keys of the connection credential secret defined in `clusterDefinition.spec.ConnectionCredential`.\nIt will be ignored when the `account` is set."
- properties:
- hostKey:
- description: "Defines the key of the host in the connection credential secret."
- type: "string"
- passwordKey:
- description: "Represents the key of the password in the connection credential secret.\nIf not specified, the default key \"password\" is used."
- type: "string"
- portKey:
- description: "Indicates map key of the port in the connection credential secret."
- type: "string"
- usernameKey:
- description: "Represents the key of the username in the connection credential secret.\nIf not specified, the default key \"username\" is used."
- type: "string"
- type: "object"
role:
description: "Specifies the role to select one or more replicas for backup.\n\n\n- If no replica with the specified role exists, the backup task will fail.\n Special case: If there is only one replica in the cluster, it will be used for backup,\n even if its role differs from the specified one.\n For example, if you specify backing up on a secondary replica, but the cluster is single-node\n with only one primary replica, the primary will be used for backup.\n Future versions will address this special case using role priorities.\n- If multiple replicas satisfy the specified role, the choice (`Any` or `All`) will be made according to\n the `strategy` field below."
type: "string"
@@ -623,13 +654,6 @@ spec:
type: "object"
minItems: 1
type: "array"
- clusterDefinitionRef:
- description: "Specifies the name of a ClusterDefinition.\nThis is an immutable attribute that cannot be changed after creation.\nAnd this field is deprecated since v0.9, consider using the ComponentDef instead."
- pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$"
- type: "string"
- x-kubernetes-validations:
- - message: "clusterDefinitionRef is immutable"
- rule: "self == oldSelf"
identifier:
description: "Specifies a unique identifier for the BackupPolicyTemplate.\n\n\nThis identifier will be used as the suffix of the name of automatically generated BackupPolicy.\nThis prevents unintended overwriting of BackupPolicies due to name conflicts when multiple BackupPolicyTemplates\nare present.\nFor instance, using \"backup-policy\" for regular backups and \"backup-policy-hscale\" for horizontal-scale ops\ncan differentiate the policies."
maxLength: 20
diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml
index 01dcd467e..b418616f9 100644
--- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml
+++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml
@@ -51,5830 +51,6 @@ spec:
spec:
description: "ClusterDefinitionSpec defines the desired state of ClusterDefinition."
properties:
- componentDefs:
- description: "Provides the definitions for the cluster components.\n\n\nDeprecated since v0.9.\nComponents should now be individually defined using ComponentDefinition and\ncollectively referenced via `topology.components`.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases."
- items:
- description: "ClusterComponentDefinition defines a Component within a ClusterDefinition but is deprecated and\nhas been replaced by ComponentDefinition.\n\n\nDeprecated: Use ComponentDefinition instead. This type is deprecated as of version 0.8."
- properties:
- characterType:
- description: "Defines well-known database component name, such as mongos(mongodb), proxy(redis), mariadb(mysql)."
- type: "string"
- componentDefRef:
- description: "Used to inject values from other components into the current component. Values will be saved and updated in a\nconfigmap and mounted to the current component."
- items:
- description: "ComponentDefRef is used to select the component and its fields to be referenced.\n\n\nDeprecated since v0.8."
- properties:
- componentDefName:
- description: "The name of the componentDef to be selected."
- type: "string"
- componentRefEnv:
- description: "The values that are to be injected as environment variables into each component."
- items:
- description: "ComponentRefEnv specifies name and value of an env.\n\n\nDeprecated since v0.8."
- properties:
- name:
- description: "The name of the env, it must be a C identifier."
- pattern: "^[A-Za-z_][A-Za-z0-9_]*$"
- type: "string"
- value:
- description: "The value of the env."
- type: "string"
- valueFrom:
- description: "The source from which the value of the env."
- properties:
- fieldPath:
- description: "The jsonpath of the source to select when the Type is `FieldRef`.\nTwo objects are registered in the jsonpath: `componentDef` and `components`:\n\n\n- `componentDef` is the component definition object specified in `componentRef.componentDefName`.\n- `components` are the component list objects referring to the component definition object."
- type: "string"
- format:
- default: "=\"$POD_FQDN\""
- description: "Defines the format of each headless service address.\nThree builtin variables can be used as placeholders: `$POD_ORDINAL`, `$POD_FQDN`, `$POD_NAME`\n\n\n- `$POD_ORDINAL` represents the ordinal of the pod.\n- `$POD_FQDN` represents the fully qualified domain name of the pod.\n- `$POD_NAME` represents the name of the pod."
- type: "string"
- joinWith:
- default: ","
- description: "The string used to join the values of headless service addresses."
- type: "string"
- type:
- allOf:
- - enum:
- - "FieldRef"
- - "ServiceRef"
- - "HeadlessServiceRef"
- - enum:
- - "FieldRef"
- - "ServiceRef"
- - "HeadlessServiceRef"
- description: "Specifies the source to select. It can be one of three types: `FieldRef`, `ServiceRef`, `HeadlessServiceRef`."
- type: "string"
- required:
- - "type"
- type: "object"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
- failurePolicy:
- allOf:
- - enum:
- - "Ignore"
- - "Fail"
- - enum:
- - "Ignore"
- - "Fail"
- description: "Defines the policy to be followed in case of a failure in finding the component."
- type: "string"
- required:
- - "componentDefName"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "componentDefName"
- x-kubernetes-list-type: "map"
- configSpecs:
- description: "Defines the template of configurations."
- items:
- properties:
- asEnvFrom:
- description: "Specifies the containers to inject the ConfigMap parameters as environment variables.\n\n\nThis is useful when application images accept parameters through environment variables and\ngenerate the final configuration file in the startup script based on these variables.\n\n\nThis field allows users to specify a list of container names, and KubeBlocks will inject the environment\nvariables converted from the ConfigMap into these designated containers. This provides a flexible way to\npass the configuration items from the ConfigMap to the container without modifying the image.\n\n\nDeprecated: `asEnvFrom` has been deprecated since 0.9.0 and will be removed in 0.10.0.\nUse `injectEnvTo` instead."
- items:
- type: "string"
- type: "array"
- x-kubernetes-list-type: "set"
- constraintRef:
- description: "Specifies the name of the referenced configuration constraints object."
- maxLength: 63
- pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$"
- type: "string"
- defaultMode:
- description: "The operator attempts to set default file permissions for scripts (0555) and configurations (0444).\nHowever, certain database engines may require different file permissions.\nYou can specify the desired file permissions here.\n\n\nMust be specified as an octal value between 0000 and 0777 (inclusive),\nor as a decimal value between 0 and 511 (inclusive).\nYAML supports both octal and decimal values for file permissions.\n\n\nPlease note that this setting only affects the permissions of the files themselves.\nDirectories within the specified path are not impacted by this setting.\nIt's important to be aware that this setting might conflict with other options\nthat influence the file mode, such as fsGroup.\nIn such cases, the resulting file mode may have additional bits set.\nRefers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information."
- format: "int32"
- type: "integer"
- injectEnvTo:
- description: "Specifies the containers to inject the ConfigMap parameters as environment variables.\n\n\nThis is useful when application images accept parameters through environment variables and\ngenerate the final configuration file in the startup script based on these variables.\n\n\nThis field allows users to specify a list of container names, and KubeBlocks will inject the environment\nvariables converted from the ConfigMap into these designated containers. This provides a flexible way to\npass the configuration items from the ConfigMap to the container without modifying the image."
- items:
- type: "string"
- type: "array"
- x-kubernetes-list-type: "set"
- keys:
- description: "Specifies the configuration files within the ConfigMap that support dynamic updates.\n\n\nA configuration template (provided in the form of a ConfigMap) may contain templates for multiple\nconfiguration files.\nEach configuration file corresponds to a key in the ConfigMap.\nSome of these configuration files may support dynamic modification and reloading without requiring\na pod restart.\n\n\nIf empty or omitted, all configuration files in the ConfigMap are assumed to support dynamic updates,\nand ConfigConstraint applies to all keys."
- items:
- type: "string"
- type: "array"
- x-kubernetes-list-type: "set"
- legacyRenderedConfigSpec:
- description: "Specifies the secondary rendered config spec for pod-specific customization.\n\n\nThe template is rendered inside the pod (by the \"config-manager\" sidecar container) and merged with the main\ntemplate's render result to generate the final configuration file.\n\n\nThis field is intended to handle scenarios where different pods within the same Component have\nvarying configurations. It allows for pod-specific customization of the configuration.\n\n\nNote: This field will be deprecated in future versions, and the functionality will be moved to\n`cluster.spec.componentSpecs[*].instances[*]`."
- properties:
- namespace:
- default: "default"
- description: "Specifies the namespace of the referenced configuration template ConfigMap object.\nAn empty namespace is equivalent to the \"default\" namespace."
- pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$"
- type: "string"
- policy:
- default: "none"
- description: "Defines the strategy for merging externally imported templates into component templates."
- enum:
- - "patch"
- - "replace"
- - "none"
- type: "string"
- templateRef:
- description: "Specifies the name of the referenced configuration template ConfigMap object."
- pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$"
- type: "string"
- required:
- - "templateRef"
- type: "object"
- name:
- description: "Specifies the name of the configuration template."
- maxLength: 63
- pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$"
- type: "string"
- namespace:
- default: "default"
- description: "Specifies the namespace of the referenced configuration template ConfigMap object.\nAn empty namespace is equivalent to the \"default\" namespace."
- maxLength: 63
- pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$"
- type: "string"
- reRenderResourceTypes:
- description: "Specifies whether the configuration needs to be re-rendered after v-scale or h-scale operations to reflect changes.\n\n\nIn some scenarios, the configuration may need to be updated to reflect the changes in resource allocation\nor cluster topology. Examples:\n\n\n- Redis: adjust maxmemory after v-scale operation.\n- MySQL: increase max connections after v-scale operation.\n- Zookeeper: update zoo.cfg with new node addresses after h-scale operation."
- items:
- description: "RerenderResourceType defines the resource requirements for a component."
- enum:
- - "vscale"
- - "hscale"
- - "tls"
- type: "string"
- type: "array"
- x-kubernetes-list-type: "set"
- templateRef:
- description: "Specifies the name of the referenced configuration template ConfigMap object."
- maxLength: 63
- pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$"
- type: "string"
- volumeName:
- description: "Refers to the volume name of PodTemplate. The configuration file produced through the configuration\ntemplate will be mounted to the corresponding volume. Must be a DNS_LABEL name.\nThe volume name must be defined in podSpec.containers[*].volumeMounts."
- maxLength: 63
- pattern: "^[a-z]([a-z0-9\\-]*[a-z0-9])?$"
- type: "string"
- required:
- - "name"
- - "volumeName"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
- consensusSpec:
- description: "Defines spec for `Consensus` workloads. It's required if the workload type is `Consensus`."
- properties:
- followers:
- description: "Members of the consensus set that have voting rights but are not the leader."
- items:
- description: "ConsensusMember is deprecated since v0.7."
- properties:
- accessMode:
- default: "ReadWrite"
- description: "Specifies the services that this member is capable of providing."
- enum:
- - "None"
- - "Readonly"
- - "ReadWrite"
- type: "string"
- name:
- default: "leader"
- description: "Specifies the name of the consensus member."
- type: "string"
- replicas:
- default: 0
- description: "Indicates the number of Pods that perform this role.\nThe default is 1 for `Leader`, 0 for `Learner`, others for `Followers`."
- format: "int32"
- minimum: 0.0
- type: "integer"
- required:
- - "accessMode"
- - "name"
- type: "object"
- type: "array"
- leader:
- description: "Represents a single leader in the consensus set."
- properties:
- accessMode:
- default: "ReadWrite"
- description: "Specifies the services that this member is capable of providing."
- enum:
- - "None"
- - "Readonly"
- - "ReadWrite"
- type: "string"
- name:
- default: "leader"
- description: "Specifies the name of the consensus member."
- type: "string"
- replicas:
- default: 0
- description: "Indicates the number of Pods that perform this role.\nThe default is 1 for `Leader`, 0 for `Learner`, others for `Followers`."
- format: "int32"
- minimum: 0.0
- type: "integer"
- required:
- - "accessMode"
- - "name"
- type: "object"
- learner:
- description: "Represents a member of the consensus set that does not have voting rights."
- properties:
- accessMode:
- default: "ReadWrite"
- description: "Specifies the services that this member is capable of providing."
- enum:
- - "None"
- - "Readonly"
- - "ReadWrite"
- type: "string"
- name:
- default: "leader"
- description: "Specifies the name of the consensus member."
- type: "string"
- replicas:
- default: 0
- description: "Indicates the number of Pods that perform this role.\nThe default is 1 for `Leader`, 0 for `Learner`, others for `Followers`."
- format: "int32"
- minimum: 0.0
- type: "integer"
- required:
- - "accessMode"
- - "name"
- type: "object"
- llPodManagementPolicy:
- description: "Controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down.\n\n\n- `OrderedReady`: Creates pods in increasing order (pod-0, then pod-1, etc). The controller waits until each pod\nis ready before continuing. Pods are removed in reverse order when scaling down.\n- `Parallel`: Creates pods in parallel to match the desired scale without waiting. All pods are deleted at once\nwhen scaling down."
- type: "string"
- llUpdateStrategy:
- description: "Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon a\nrevision to the Template.\n`UpdateStrategy` will be ignored if this is provided."
- properties:
- rollingUpdate:
- description: "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType."
- properties:
- maxUnavailable:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding up. This can not be 0.\nDefaults to 1. This field is alpha-level and is only honored by servers that enable the\nMaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to\nReplicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it\nwill be counted towards MaxUnavailable."
- x-kubernetes-int-or-string: true
- partition:
- description: "Partition indicates the ordinal at which the StatefulSet should be partitioned\nfor updates. During a rolling update, all pods from ordinal Replicas-1 to\nPartition are updated. All pods from ordinal Partition-1 to 0 remain untouched.\nThis is helpful in being able to do a canary based deployment. The default value is 0."
- format: "int32"
- type: "integer"
- type: "object"
- type:
- description: "Type indicates the type of the StatefulSetUpdateStrategy.\nDefault is RollingUpdate."
- type: "string"
- type: "object"
- updateStrategy:
- default: "Serial"
- description: "Specifies the strategy for updating Pods.\nFor workloadType=`Consensus`, the update strategy can be one of the following:\n\n\n- `Serial`: Updates Members sequentially to minimize component downtime.\n- `BestEffortParallel`: Updates Members in parallel to minimize component write downtime. Majority remains online\nat all times.\n- `Parallel`: Forces parallel updates."
- enum:
- - "Serial"
- - "BestEffortParallel"
- - "Parallel"
- type: "string"
- required:
- - "leader"
- type: "object"
- horizontalScalePolicy:
- description: "Defines the behavior of horizontal scale."
- properties:
- backupPolicyTemplateName:
- description: "Refers to the backup policy template."
- type: "string"
- type:
- default: "None"
- description: "Determines the data synchronization method when a component scales out.\nThe policy can be one of the following: {None, CloneVolume}. The default policy is `None`.\n\n\n- `None`: This is the default policy. It creates an empty volume without data cloning.\n- `CloneVolume`: This policy clones data to newly scaled pods. It first tries to use a volume snapshot.\n If volume snapshot is not enabled, it will attempt to use a backup tool. If neither method works, it will report an error.\n- `Snapshot`: This policy is deprecated and is an alias for CloneVolume."
- enum:
- - "None"
- - "CloneVolume"
- - "Snapshot"
- type: "string"
- volumeMountsName:
- description: "Specifies the volumeMount of the container to backup.\nThis only works if Type is not None. If not specified, the first volumeMount will be selected."
- type: "string"
- type: "object"
- logConfigs:
- description: "Specify the logging files which can be observed and configured by cluster users."
- items:
- properties:
- filePathPattern:
- description: "Specifies the paths or patterns identifying where the log files are stored.\nThis field allows the system to locate and manage log files effectively.\n\n\nExamples:\n\n\n- /home/postgres/pgdata/pgroot/data/log/postgresql-*\n- /data/mysql/log/mysqld-error.log"
- maxLength: 4096
- type: "string"
- name:
- description: "Specifies a descriptive label for the log type, such as 'slow' for a MySQL slow log file.\nIt provides a clear identification of the log's purpose and content."
- maxLength: 128
- type: "string"
- required:
- - "filePathPattern"
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
- name:
- description: "This name could be used as default name of `cluster.spec.componentSpecs.name`, and needs to conform with same\nvalidation rules as `cluster.spec.componentSpecs.name`, currently complying with IANA Service Naming rule.\nThis name will apply to cluster objects as the value of label \"apps.kubeblocks.io/component-name\"."
- maxLength: 22
- pattern: "^[a-z]([a-z0-9\\-]*[a-z0-9])?$"
- type: "string"
- podSpec:
- description: "Defines the pod spec template of component."
- properties:
- activeDeadlineSeconds:
- description: "Optional duration in seconds the pod may be active on the node relative to\nStartTime before the system will actively try to mark it failed and kill associated containers.\nValue must be a positive integer."
- format: "int64"
- type: "integer"
- affinity:
- description: "If specified, the pod's scheduling constraints"
- properties:
- nodeAffinity:
- description: "Describes node affinity scheduling rules for the pod."
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred."
- items:
- description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)."
- properties:
- preference:
- description: "A node selector term, associated with the corresponding weight."
- properties:
- matchExpressions:
- description: "A list of node selector requirements by node's labels."
- items:
- description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values."
- properties:
- key:
- description: "The label key that the selector applies to."
- type: "string"
- operator:
- description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
- type: "string"
- values:
- description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
- items:
- type: "string"
- type: "array"
- required:
- - "key"
- - "operator"
- type: "object"
- type: "array"
- matchFields:
- description: "A list of node selector requirements by node's fields."
- items:
- description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values."
- properties:
- key:
- description: "The label key that the selector applies to."
- type: "string"
- operator:
- description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
- type: "string"
- values:
- description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
- items:
- type: "string"
- type: "array"
- required:
- - "key"
- - "operator"
- type: "object"
- type: "array"
- type: "object"
- x-kubernetes-map-type: "atomic"
- weight:
- description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100."
- format: "int32"
- type: "integer"
- required:
- - "preference"
- - "weight"
- type: "object"
- type: "array"
- requiredDuringSchedulingIgnoredDuringExecution:
- description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node."
- properties:
- nodeSelectorTerms:
- description: "Required. A list of node selector terms. The terms are ORed."
- items:
- description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm."
- properties:
- matchExpressions:
- description: "A list of node selector requirements by node's labels."
- items:
- description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values."
- properties:
- key:
- description: "The label key that the selector applies to."
- type: "string"
- operator:
- description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
- type: "string"
- values:
- description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
- items:
- type: "string"
- type: "array"
- required:
- - "key"
- - "operator"
- type: "object"
- type: "array"
- matchFields:
- description: "A list of node selector requirements by node's fields."
- items:
- description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values."
- properties:
- key:
- description: "The label key that the selector applies to."
- type: "string"
- operator:
- description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
- type: "string"
- values:
- description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
- items:
- type: "string"
- type: "array"
- required:
- - "key"
- - "operator"
- type: "object"
- type: "array"
- type: "object"
- x-kubernetes-map-type: "atomic"
- type: "array"
- required:
- - "nodeSelectorTerms"
- type: "object"
- x-kubernetes-map-type: "atomic"
- type: "object"
- podAffinity:
- description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))."
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
- items:
- description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)"
- properties:
- podAffinityTerm:
- description: "Required. A pod affinity term, associated with the corresponding weight."
- properties:
- labelSelector:
- description: "A label query over a set of resources, in this case pods."
- properties:
- matchExpressions:
- description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
- items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
- properties:
- key:
- description: "key is the label key that the selector applies to."
- type: "string"
- operator:
- description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
- type: "string"
- values:
- description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
- items:
- type: "string"
- type: "array"
- required:
- - "key"
- - "operator"
- type: "object"
- type: "array"
- matchLabels:
- additionalProperties:
- type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
- type: "object"
- type: "object"
- x-kubernetes-map-type: "atomic"
- namespaceSelector:
- description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
- properties:
- matchExpressions:
- description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
- items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
- properties:
- key:
- description: "key is the label key that the selector applies to."
- type: "string"
- operator:
- description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
- type: "string"
- values:
- description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
- items:
- type: "string"
- type: "array"
- required:
- - "key"
- - "operator"
- type: "object"
- type: "array"
- matchLabels:
- additionalProperties:
- type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
- type: "object"
- type: "object"
- x-kubernetes-map-type: "atomic"
- namespaces:
- description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
- items:
- type: "string"
- type: "array"
- topologyKey:
- description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
- type: "string"
- required:
- - "topologyKey"
- type: "object"
- weight:
- description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100."
- format: "int32"
- type: "integer"
- required:
- - "podAffinityTerm"
- - "weight"
- type: "object"
- type: "array"
- requiredDuringSchedulingIgnoredDuringExecution:
- description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
- items:
- description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
- properties:
- labelSelector:
- description: "A label query over a set of resources, in this case pods."
- properties:
- matchExpressions:
- description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
- items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
- properties:
- key:
- description: "key is the label key that the selector applies to."
- type: "string"
- operator:
- description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
- type: "string"
- values:
- description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
- items:
- type: "string"
- type: "array"
- required:
- - "key"
- - "operator"
- type: "object"
- type: "array"
- matchLabels:
- additionalProperties:
- type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
- type: "object"
- type: "object"
- x-kubernetes-map-type: "atomic"
- namespaceSelector:
- description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
- properties:
- matchExpressions:
- description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
- items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
- properties:
- key:
- description: "key is the label key that the selector applies to."
- type: "string"
- operator:
- description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
- type: "string"
- values:
- description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
- items:
- type: "string"
- type: "array"
- required:
- - "key"
- - "operator"
- type: "object"
- type: "array"
- matchLabels:
- additionalProperties:
- type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
- type: "object"
- type: "object"
- x-kubernetes-map-type: "atomic"
- namespaces:
- description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
- items:
- type: "string"
- type: "array"
- topologyKey:
- description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
- type: "string"
- required:
- - "topologyKey"
- type: "object"
- type: "array"
- type: "object"
- podAntiAffinity:
- description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))."
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
- items:
- description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)"
- properties:
- podAffinityTerm:
- description: "Required. A pod affinity term, associated with the corresponding weight."
- properties:
- labelSelector:
- description: "A label query over a set of resources, in this case pods."
- properties:
- matchExpressions:
- description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
- items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
- properties:
- key:
- description: "key is the label key that the selector applies to."
- type: "string"
- operator:
- description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
- type: "string"
- values:
- description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
- items:
- type: "string"
- type: "array"
- required:
- - "key"
- - "operator"
- type: "object"
- type: "array"
- matchLabels:
- additionalProperties:
- type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
- type: "object"
- type: "object"
- x-kubernetes-map-type: "atomic"
- namespaceSelector:
- description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
- properties:
- matchExpressions:
- description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
- items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
- properties:
- key:
- description: "key is the label key that the selector applies to."
- type: "string"
- operator:
- description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
- type: "string"
- values:
- description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
- items:
- type: "string"
- type: "array"
- required:
- - "key"
- - "operator"
- type: "object"
- type: "array"
- matchLabels:
- additionalProperties:
- type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
- type: "object"
- type: "object"
- x-kubernetes-map-type: "atomic"
- namespaces:
- description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
- items:
- type: "string"
- type: "array"
- topologyKey:
- description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
- type: "string"
- required:
- - "topologyKey"
- type: "object"
- weight:
- description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100."
- format: "int32"
- type: "integer"
- required:
- - "podAffinityTerm"
- - "weight"
- type: "object"
- type: "array"
- requiredDuringSchedulingIgnoredDuringExecution:
- description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
- items:
- description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
- properties:
- labelSelector:
- description: "A label query over a set of resources, in this case pods."
- properties:
- matchExpressions:
- description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
- items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
- properties:
- key:
- description: "key is the label key that the selector applies to."
- type: "string"
- operator:
- description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
- type: "string"
- values:
- description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
- items:
- type: "string"
- type: "array"
- required:
- - "key"
- - "operator"
- type: "object"
- type: "array"
- matchLabels:
- additionalProperties:
- type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
- type: "object"
- type: "object"
- x-kubernetes-map-type: "atomic"
- namespaceSelector:
- description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
- properties:
- matchExpressions:
- description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
- items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
- properties:
- key:
- description: "key is the label key that the selector applies to."
- type: "string"
- operator:
- description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
- type: "string"
- values:
- description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
- items:
- type: "string"
- type: "array"
- required:
- - "key"
- - "operator"
- type: "object"
- type: "array"
- matchLabels:
- additionalProperties:
- type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
- type: "object"
- type: "object"
- x-kubernetes-map-type: "atomic"
- namespaces:
- description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
- items:
- type: "string"
- type: "array"
- topologyKey:
- description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
- type: "string"
- required:
- - "topologyKey"
- type: "object"
- type: "array"
- type: "object"
- type: "object"
- automountServiceAccountToken:
- description: "AutomountServiceAccountToken indicates whether a service account token should be automatically mounted."
- type: "boolean"
- containers:
- description: "List of containers belonging to the pod.\nContainers cannot currently be added or removed.\nThere must be at least one container in a Pod.\nCannot be updated."
- items:
- description: "A single application container that you want to run within a pod."
- properties:
- args:
- description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
- items:
- type: "string"
- type: "array"
- command:
- description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
- items:
- type: "string"
- type: "array"
- env:
- description: "List of environment variables to set in the container.\nCannot be updated."
- items:
- description: "EnvVar represents an environment variable present in a Container."
- properties:
- name:
- description: "Name of the environment variable. Must be a C_IDENTIFIER."
- type: "string"
- value:
- description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
- type: "string"
- valueFrom:
- description: "Source for the environment variable's value. Cannot be used if value is not empty."
- properties:
- configMapKeyRef:
- description: "Selects a key of a ConfigMap."
- properties:
- key:
- description: "The key to select."
- type: "string"
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the ConfigMap or its key must be defined"
- type: "boolean"
- required:
- - "key"
- type: "object"
- x-kubernetes-map-type: "atomic"
- fieldRef:
- description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
- properties:
- apiVersion:
- description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
- type: "string"
- fieldPath:
- description: "Path of the field to select in the specified API version."
- type: "string"
- required:
- - "fieldPath"
- type: "object"
- x-kubernetes-map-type: "atomic"
- resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
- properties:
- containerName:
- description: "Container name: required for volumes, optional for env vars"
- type: "string"
- divisor:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Specifies the output format of the exposed resources, defaults to \"1\""
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- resource:
- description: "Required: resource to select"
- type: "string"
- required:
- - "resource"
- type: "object"
- x-kubernetes-map-type: "atomic"
- secretKeyRef:
- description: "Selects a key of a secret in the pod's namespace"
- properties:
- key:
- description: "The key of the secret to select from. Must be a valid secret key."
- type: "string"
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the Secret or its key must be defined"
- type: "boolean"
- required:
- - "key"
- type: "object"
- x-kubernetes-map-type: "atomic"
- type: "object"
- required:
- - "name"
- type: "object"
- type: "array"
- envFrom:
- description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
- items:
- description: "EnvFromSource represents the source of a set of ConfigMaps"
- properties:
- configMapRef:
- description: "The ConfigMap to select from"
- properties:
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the ConfigMap must be defined"
- type: "boolean"
- type: "object"
- x-kubernetes-map-type: "atomic"
- prefix:
- description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER."
- type: "string"
- secretRef:
- description: "The Secret to select from"
- properties:
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the Secret must be defined"
- type: "boolean"
- type: "object"
- x-kubernetes-map-type: "atomic"
- type: "object"
- type: "array"
- image:
- description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets."
- type: "string"
- imagePullPolicy:
- description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
- type: "string"
- lifecycle:
- description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated."
- properties:
- postStart:
- description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
- properties:
- exec:
- description: "Exec specifies the action to take."
- properties:
- command:
- description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
- items:
- type: "string"
- type: "array"
- type: "object"
- httpGet:
- description: "HTTPGet specifies the http request to perform."
- properties:
- host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
- type: "string"
- httpHeaders:
- description: "Custom headers to set in the request. HTTP allows repeated headers."
- items:
- description: "HTTPHeader describes a custom header to be used in HTTP probes"
- properties:
- name:
- description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
- type: "string"
- value:
- description: "The header field value"
- type: "string"
- required:
- - "name"
- - "value"
- type: "object"
- type: "array"
- path:
- description: "Path to access on the HTTP server."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- scheme:
- description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
- type: "string"
- required:
- - "port"
- type: "object"
- tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
- properties:
- host:
- description: "Optional: Host name to connect to, defaults to the pod IP."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- required:
- - "port"
- type: "object"
- type: "object"
- preStop:
- description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
- properties:
- exec:
- description: "Exec specifies the action to take."
- properties:
- command:
- description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
- items:
- type: "string"
- type: "array"
- type: "object"
- httpGet:
- description: "HTTPGet specifies the http request to perform."
- properties:
- host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
- type: "string"
- httpHeaders:
- description: "Custom headers to set in the request. HTTP allows repeated headers."
- items:
- description: "HTTPHeader describes a custom header to be used in HTTP probes"
- properties:
- name:
- description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
- type: "string"
- value:
- description: "The header field value"
- type: "string"
- required:
- - "name"
- - "value"
- type: "object"
- type: "array"
- path:
- description: "Path to access on the HTTP server."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- scheme:
- description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
- type: "string"
- required:
- - "port"
- type: "object"
- tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
- properties:
- host:
- description: "Optional: Host name to connect to, defaults to the pod IP."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- required:
- - "port"
- type: "object"
- type: "object"
- type: "object"
- livenessProbe:
- description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- properties:
- exec:
- description: "Exec specifies the action to take."
- properties:
- command:
- description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
- items:
- type: "string"
- type: "array"
- type: "object"
- failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
- format: "int32"
- type: "integer"
- grpc:
- description: "GRPC specifies an action involving a GRPC port."
- properties:
- port:
- description: "Port number of the gRPC service. Number must be in the range 1 to 65535."
- format: "int32"
- type: "integer"
- service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
- type: "string"
- required:
- - "port"
- type: "object"
- httpGet:
- description: "HTTPGet specifies the http request to perform."
- properties:
- host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
- type: "string"
- httpHeaders:
- description: "Custom headers to set in the request. HTTP allows repeated headers."
- items:
- description: "HTTPHeader describes a custom header to be used in HTTP probes"
- properties:
- name:
- description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
- type: "string"
- value:
- description: "The header field value"
- type: "string"
- required:
- - "name"
- - "value"
- type: "object"
- type: "array"
- path:
- description: "Path to access on the HTTP server."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- scheme:
- description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
- type: "string"
- required:
- - "port"
- type: "object"
- initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- periodSeconds:
- description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
- format: "int32"
- type: "integer"
- successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
- format: "int32"
- type: "integer"
- tcpSocket:
- description: "TCPSocket specifies an action involving a TCP port."
- properties:
- host:
- description: "Optional: Host name to connect to, defaults to the pod IP."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- required:
- - "port"
- type: "object"
- terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
- format: "int64"
- type: "integer"
- timeoutSeconds:
- description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- type: "object"
- name:
- description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated."
- type: "string"
- ports:
- description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated."
- items:
- description: "ContainerPort represents a network port in a single container."
- properties:
- containerPort:
- description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536."
- format: "int32"
- type: "integer"
- hostIP:
- description: "What host IP to bind the external port to."
- type: "string"
- hostPort:
- description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this."
- format: "int32"
- type: "integer"
- name:
- description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services."
- type: "string"
- protocol:
- default: "TCP"
- description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"."
- type: "string"
- required:
- - "containerPort"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "containerPort"
- - "protocol"
- x-kubernetes-list-type: "map"
- readinessProbe:
- description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- properties:
- exec:
- description: "Exec specifies the action to take."
- properties:
- command:
- description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
- items:
- type: "string"
- type: "array"
- type: "object"
- failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
- format: "int32"
- type: "integer"
- grpc:
- description: "GRPC specifies an action involving a GRPC port."
- properties:
- port:
- description: "Port number of the gRPC service. Number must be in the range 1 to 65535."
- format: "int32"
- type: "integer"
- service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
- type: "string"
- required:
- - "port"
- type: "object"
- httpGet:
- description: "HTTPGet specifies the http request to perform."
- properties:
- host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
- type: "string"
- httpHeaders:
- description: "Custom headers to set in the request. HTTP allows repeated headers."
- items:
- description: "HTTPHeader describes a custom header to be used in HTTP probes"
- properties:
- name:
- description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
- type: "string"
- value:
- description: "The header field value"
- type: "string"
- required:
- - "name"
- - "value"
- type: "object"
- type: "array"
- path:
- description: "Path to access on the HTTP server."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- scheme:
- description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
- type: "string"
- required:
- - "port"
- type: "object"
- initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- periodSeconds:
- description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
- format: "int32"
- type: "integer"
- successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
- format: "int32"
- type: "integer"
- tcpSocket:
- description: "TCPSocket specifies an action involving a TCP port."
- properties:
- host:
- description: "Optional: Host name to connect to, defaults to the pod IP."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- required:
- - "port"
- type: "object"
- terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
- format: "int64"
- type: "integer"
- timeoutSeconds:
- description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- type: "object"
- resizePolicy:
- description: "Resources resize policy for the container."
- items:
- description: "ContainerResizePolicy represents resource resize policy for the container."
- properties:
- resourceName:
- description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory."
- type: "string"
- restartPolicy:
- description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired."
- type: "string"
- required:
- - "resourceName"
- - "restartPolicy"
- type: "object"
- type: "array"
- x-kubernetes-list-type: "atomic"
- resources:
- description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
- properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
- limits:
- additionalProperties:
- anyOf:
- - type: "integer"
- - type: "string"
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
- type: "object"
- requests:
- additionalProperties:
- anyOf:
- - type: "integer"
- - type: "string"
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
- type: "object"
- type: "object"
- restartPolicy:
- description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted."
- type: "string"
- securityContext:
- description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
- properties:
- allowPrivilegeEscalation:
- description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
- type: "boolean"
- capabilities:
- description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
- properties:
- add:
- description: "Added capabilities"
- items:
- description: "Capability represent POSIX capabilities type"
- type: "string"
- type: "array"
- drop:
- description: "Removed capabilities"
- items:
- description: "Capability represent POSIX capabilities type"
- type: "string"
- type: "array"
- type: "object"
- privileged:
- description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
- type: "boolean"
- procMount:
- description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows."
- type: "string"
- readOnlyRootFilesystem:
- description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows."
- type: "boolean"
- runAsGroup:
- description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
- format: "int64"
- type: "integer"
- runAsNonRoot:
- description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
- type: "boolean"
- runAsUser:
- description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
- format: "int64"
- type: "integer"
- seLinuxOptions:
- description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
- properties:
- level:
- description: "Level is SELinux level label that applies to the container."
- type: "string"
- role:
- description: "Role is a SELinux role label that applies to the container."
- type: "string"
- type:
- description: "Type is a SELinux type label that applies to the container."
- type: "string"
- user:
- description: "User is a SELinux user label that applies to the container."
- type: "string"
- type: "object"
- seccompProfile:
- description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows."
- properties:
- localhostProfile:
- description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
- type: "string"
- type:
- description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
- type: "string"
- required:
- - "type"
- type: "object"
- windowsOptions:
- description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
- properties:
- gmsaCredentialSpec:
- description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
- type: "string"
- gmsaCredentialSpecName:
- description: "GMSACredentialSpecName is the name of the GMSA credential spec to use."
- type: "string"
- hostProcess:
- description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
- type: "boolean"
- runAsUserName:
- description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
- type: "string"
- type: "object"
- type: "object"
- startupProbe:
- description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- properties:
- exec:
- description: "Exec specifies the action to take."
- properties:
- command:
- description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
- items:
- type: "string"
- type: "array"
- type: "object"
- failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
- format: "int32"
- type: "integer"
- grpc:
- description: "GRPC specifies an action involving a GRPC port."
- properties:
- port:
- description: "Port number of the gRPC service. Number must be in the range 1 to 65535."
- format: "int32"
- type: "integer"
- service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
- type: "string"
- required:
- - "port"
- type: "object"
- httpGet:
- description: "HTTPGet specifies the http request to perform."
- properties:
- host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
- type: "string"
- httpHeaders:
- description: "Custom headers to set in the request. HTTP allows repeated headers."
- items:
- description: "HTTPHeader describes a custom header to be used in HTTP probes"
- properties:
- name:
- description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
- type: "string"
- value:
- description: "The header field value"
- type: "string"
- required:
- - "name"
- - "value"
- type: "object"
- type: "array"
- path:
- description: "Path to access on the HTTP server."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- scheme:
- description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
- type: "string"
- required:
- - "port"
- type: "object"
- initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- periodSeconds:
- description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
- format: "int32"
- type: "integer"
- successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
- format: "int32"
- type: "integer"
- tcpSocket:
- description: "TCPSocket specifies an action involving a TCP port."
- properties:
- host:
- description: "Optional: Host name to connect to, defaults to the pod IP."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- required:
- - "port"
- type: "object"
- terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
- format: "int64"
- type: "integer"
- timeoutSeconds:
- description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- type: "object"
- stdin:
- description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false."
- type: "boolean"
- stdinOnce:
- description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false"
- type: "boolean"
- terminationMessagePath:
- description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated."
- type: "string"
- terminationMessagePolicy:
- description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated."
- type: "string"
- tty:
- description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false."
- type: "boolean"
- volumeDevices:
- description: "volumeDevices is the list of block devices to be used by the container."
- items:
- description: "volumeDevice describes a mapping of a raw block device within a container."
- properties:
- devicePath:
- description: "devicePath is the path inside of the container that the device will be mapped to."
- type: "string"
- name:
- description: "name must match the name of a persistentVolumeClaim in the pod"
- type: "string"
- required:
- - "devicePath"
- - "name"
- type: "object"
- type: "array"
- volumeMounts:
- description: "Pod volumes to mount into the container's filesystem.\nCannot be updated."
- items:
- description: "VolumeMount describes a mounting of a Volume within a container."
- properties:
- mountPath:
- description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'."
- type: "string"
- mountPropagation:
- description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10."
- type: "string"
- name:
- description: "This must match the Name of a Volume."
- type: "string"
- readOnly:
- description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
- type: "boolean"
- subPath:
- description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
- type: "string"
- subPathExpr:
- description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive."
- type: "string"
- required:
- - "mountPath"
- - "name"
- type: "object"
- type: "array"
- workingDir:
- description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- dnsConfig:
- description: "Specifies the DNS parameters of a pod.\nParameters specified here will be merged to the generated DNS\nconfiguration based on DNSPolicy."
- properties:
- nameservers:
- description: "A list of DNS name server IP addresses.\nThis will be appended to the base nameservers generated from DNSPolicy.\nDuplicated nameservers will be removed."
- items:
- type: "string"
- type: "array"
- options:
- description: "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nDuplicated entries will be removed. Resolution options given in Options\nwill override those that appear in the base DNSPolicy."
- items:
- description: "PodDNSConfigOption defines DNS resolver options of a pod."
- properties:
- name:
- description: "Required."
- type: "string"
- value:
- type: "string"
- type: "object"
- type: "array"
- searches:
- description: "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.\nDuplicated search paths will be removed."
- items:
- type: "string"
- type: "array"
- type: "object"
- dnsPolicy:
- description: "Set DNS policy for the pod.\nDefaults to \"ClusterFirst\".\nValid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'.\nDNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy.\nTo have DNS options set along with hostNetwork, you have to specify DNS policy\nexplicitly to 'ClusterFirstWithHostNet'."
- type: "string"
- enableServiceLinks:
- description: "EnableServiceLinks indicates whether information about services should be injected into pod's\nenvironment variables, matching the syntax of Docker links.\nOptional: Defaults to true."
- type: "boolean"
- ephemeralContainers:
- description: "List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing\npod to perform user-initiated actions such as debugging. This list cannot be specified when\ncreating a pod, and it cannot be modified by updating the pod spec. In order to add an\nephemeral container to an existing pod, use the pod's ephemeralcontainers subresource."
- items:
- description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for\nuser-initiated activities such as debugging. Ephemeral containers have no resource or\nscheduling guarantees, and they will not be restarted when they exit or when a Pod is\nremoved or restarted. The kubelet may evict a Pod if an ephemeral container causes the\nPod to exceed its resource allocation.\n\n\nTo add an ephemeral container, use the ephemeralcontainers subresource of an existing\nPod. Ephemeral containers may not be removed or restarted."
- properties:
- args:
- description: "Arguments to the entrypoint.\nThe image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
- items:
- type: "string"
- type: "array"
- command:
- description: "Entrypoint array. Not executed within a shell.\nThe image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
- items:
- type: "string"
- type: "array"
- env:
- description: "List of environment variables to set in the container.\nCannot be updated."
- items:
- description: "EnvVar represents an environment variable present in a Container."
- properties:
- name:
- description: "Name of the environment variable. Must be a C_IDENTIFIER."
- type: "string"
- value:
- description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
- type: "string"
- valueFrom:
- description: "Source for the environment variable's value. Cannot be used if value is not empty."
- properties:
- configMapKeyRef:
- description: "Selects a key of a ConfigMap."
- properties:
- key:
- description: "The key to select."
- type: "string"
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the ConfigMap or its key must be defined"
- type: "boolean"
- required:
- - "key"
- type: "object"
- x-kubernetes-map-type: "atomic"
- fieldRef:
- description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
- properties:
- apiVersion:
- description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
- type: "string"
- fieldPath:
- description: "Path of the field to select in the specified API version."
- type: "string"
- required:
- - "fieldPath"
- type: "object"
- x-kubernetes-map-type: "atomic"
- resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
- properties:
- containerName:
- description: "Container name: required for volumes, optional for env vars"
- type: "string"
- divisor:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Specifies the output format of the exposed resources, defaults to \"1\""
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- resource:
- description: "Required: resource to select"
- type: "string"
- required:
- - "resource"
- type: "object"
- x-kubernetes-map-type: "atomic"
- secretKeyRef:
- description: "Selects a key of a secret in the pod's namespace"
- properties:
- key:
- description: "The key of the secret to select from. Must be a valid secret key."
- type: "string"
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the Secret or its key must be defined"
- type: "boolean"
- required:
- - "key"
- type: "object"
- x-kubernetes-map-type: "atomic"
- type: "object"
- required:
- - "name"
- type: "object"
- type: "array"
- envFrom:
- description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
- items:
- description: "EnvFromSource represents the source of a set of ConfigMaps"
- properties:
- configMapRef:
- description: "The ConfigMap to select from"
- properties:
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the ConfigMap must be defined"
- type: "boolean"
- type: "object"
- x-kubernetes-map-type: "atomic"
- prefix:
- description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER."
- type: "string"
- secretRef:
- description: "The Secret to select from"
- properties:
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the Secret must be defined"
- type: "boolean"
- type: "object"
- x-kubernetes-map-type: "atomic"
- type: "object"
- type: "array"
- image:
- description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images"
- type: "string"
- imagePullPolicy:
- description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
- type: "string"
- lifecycle:
- description: "Lifecycle is not allowed for ephemeral containers."
- properties:
- postStart:
- description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
- properties:
- exec:
- description: "Exec specifies the action to take."
- properties:
- command:
- description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
- items:
- type: "string"
- type: "array"
- type: "object"
- httpGet:
- description: "HTTPGet specifies the http request to perform."
- properties:
- host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
- type: "string"
- httpHeaders:
- description: "Custom headers to set in the request. HTTP allows repeated headers."
- items:
- description: "HTTPHeader describes a custom header to be used in HTTP probes"
- properties:
- name:
- description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
- type: "string"
- value:
- description: "The header field value"
- type: "string"
- required:
- - "name"
- - "value"
- type: "object"
- type: "array"
- path:
- description: "Path to access on the HTTP server."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- scheme:
- description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
- type: "string"
- required:
- - "port"
- type: "object"
- tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
- properties:
- host:
- description: "Optional: Host name to connect to, defaults to the pod IP."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- required:
- - "port"
- type: "object"
- type: "object"
- preStop:
- description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
- properties:
- exec:
- description: "Exec specifies the action to take."
- properties:
- command:
- description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
- items:
- type: "string"
- type: "array"
- type: "object"
- httpGet:
- description: "HTTPGet specifies the http request to perform."
- properties:
- host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
- type: "string"
- httpHeaders:
- description: "Custom headers to set in the request. HTTP allows repeated headers."
- items:
- description: "HTTPHeader describes a custom header to be used in HTTP probes"
- properties:
- name:
- description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
- type: "string"
- value:
- description: "The header field value"
- type: "string"
- required:
- - "name"
- - "value"
- type: "object"
- type: "array"
- path:
- description: "Path to access on the HTTP server."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- scheme:
- description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
- type: "string"
- required:
- - "port"
- type: "object"
- tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
- properties:
- host:
- description: "Optional: Host name to connect to, defaults to the pod IP."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- required:
- - "port"
- type: "object"
- type: "object"
- type: "object"
- livenessProbe:
- description: "Probes are not allowed for ephemeral containers."
- properties:
- exec:
- description: "Exec specifies the action to take."
- properties:
- command:
- description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
- items:
- type: "string"
- type: "array"
- type: "object"
- failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
- format: "int32"
- type: "integer"
- grpc:
- description: "GRPC specifies an action involving a GRPC port."
- properties:
- port:
- description: "Port number of the gRPC service. Number must be in the range 1 to 65535."
- format: "int32"
- type: "integer"
- service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
- type: "string"
- required:
- - "port"
- type: "object"
- httpGet:
- description: "HTTPGet specifies the http request to perform."
- properties:
- host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
- type: "string"
- httpHeaders:
- description: "Custom headers to set in the request. HTTP allows repeated headers."
- items:
- description: "HTTPHeader describes a custom header to be used in HTTP probes"
- properties:
- name:
- description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
- type: "string"
- value:
- description: "The header field value"
- type: "string"
- required:
- - "name"
- - "value"
- type: "object"
- type: "array"
- path:
- description: "Path to access on the HTTP server."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- scheme:
- description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
- type: "string"
- required:
- - "port"
- type: "object"
- initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- periodSeconds:
- description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
- format: "int32"
- type: "integer"
- successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
- format: "int32"
- type: "integer"
- tcpSocket:
- description: "TCPSocket specifies an action involving a TCP port."
- properties:
- host:
- description: "Optional: Host name to connect to, defaults to the pod IP."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- required:
- - "port"
- type: "object"
- terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
- format: "int64"
- type: "integer"
- timeoutSeconds:
- description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- type: "object"
- name:
- description: "Name of the ephemeral container specified as a DNS_LABEL.\nThis name must be unique among all containers, init containers and ephemeral containers."
- type: "string"
- ports:
- description: "Ports are not allowed for ephemeral containers."
- items:
- description: "ContainerPort represents a network port in a single container."
- properties:
- containerPort:
- description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536."
- format: "int32"
- type: "integer"
- hostIP:
- description: "What host IP to bind the external port to."
- type: "string"
- hostPort:
- description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this."
- format: "int32"
- type: "integer"
- name:
- description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services."
- type: "string"
- protocol:
- default: "TCP"
- description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"."
- type: "string"
- required:
- - "containerPort"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "containerPort"
- - "protocol"
- x-kubernetes-list-type: "map"
- readinessProbe:
- description: "Probes are not allowed for ephemeral containers."
- properties:
- exec:
- description: "Exec specifies the action to take."
- properties:
- command:
- description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
- items:
- type: "string"
- type: "array"
- type: "object"
- failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
- format: "int32"
- type: "integer"
- grpc:
- description: "GRPC specifies an action involving a GRPC port."
- properties:
- port:
- description: "Port number of the gRPC service. Number must be in the range 1 to 65535."
- format: "int32"
- type: "integer"
- service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
- type: "string"
- required:
- - "port"
- type: "object"
- httpGet:
- description: "HTTPGet specifies the http request to perform."
- properties:
- host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
- type: "string"
- httpHeaders:
- description: "Custom headers to set in the request. HTTP allows repeated headers."
- items:
- description: "HTTPHeader describes a custom header to be used in HTTP probes"
- properties:
- name:
- description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
- type: "string"
- value:
- description: "The header field value"
- type: "string"
- required:
- - "name"
- - "value"
- type: "object"
- type: "array"
- path:
- description: "Path to access on the HTTP server."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- scheme:
- description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
- type: "string"
- required:
- - "port"
- type: "object"
- initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- periodSeconds:
- description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
- format: "int32"
- type: "integer"
- successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
- format: "int32"
- type: "integer"
- tcpSocket:
- description: "TCPSocket specifies an action involving a TCP port."
- properties:
- host:
- description: "Optional: Host name to connect to, defaults to the pod IP."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- required:
- - "port"
- type: "object"
- terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
- format: "int64"
- type: "integer"
- timeoutSeconds:
- description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- type: "object"
- resizePolicy:
- description: "Resources resize policy for the container."
- items:
- description: "ContainerResizePolicy represents resource resize policy for the container."
- properties:
- resourceName:
- description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory."
- type: "string"
- restartPolicy:
- description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired."
- type: "string"
- required:
- - "resourceName"
- - "restartPolicy"
- type: "object"
- type: "array"
- x-kubernetes-list-type: "atomic"
- resources:
- description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources\nalready allocated to the pod."
- properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
- limits:
- additionalProperties:
- anyOf:
- - type: "integer"
- - type: "string"
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
- type: "object"
- requests:
- additionalProperties:
- anyOf:
- - type: "integer"
- - type: "string"
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
- type: "object"
- type: "object"
- restartPolicy:
- description: "Restart policy for the container to manage the restart behavior of each\ncontainer within a pod.\nThis may only be set for init containers. You cannot set this field on\nephemeral containers."
- type: "string"
- securityContext:
- description: "Optional: SecurityContext defines the security options the ephemeral container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext."
- properties:
- allowPrivilegeEscalation:
- description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
- type: "boolean"
- capabilities:
- description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
- properties:
- add:
- description: "Added capabilities"
- items:
- description: "Capability represent POSIX capabilities type"
- type: "string"
- type: "array"
- drop:
- description: "Removed capabilities"
- items:
- description: "Capability represent POSIX capabilities type"
- type: "string"
- type: "array"
- type: "object"
- privileged:
- description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
- type: "boolean"
- procMount:
- description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows."
- type: "string"
- readOnlyRootFilesystem:
- description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows."
- type: "boolean"
- runAsGroup:
- description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
- format: "int64"
- type: "integer"
- runAsNonRoot:
- description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
- type: "boolean"
- runAsUser:
- description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
- format: "int64"
- type: "integer"
- seLinuxOptions:
- description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
- properties:
- level:
- description: "Level is SELinux level label that applies to the container."
- type: "string"
- role:
- description: "Role is a SELinux role label that applies to the container."
- type: "string"
- type:
- description: "Type is a SELinux type label that applies to the container."
- type: "string"
- user:
- description: "User is a SELinux user label that applies to the container."
- type: "string"
- type: "object"
- seccompProfile:
- description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows."
- properties:
- localhostProfile:
- description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
- type: "string"
- type:
- description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
- type: "string"
- required:
- - "type"
- type: "object"
- windowsOptions:
- description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
- properties:
- gmsaCredentialSpec:
- description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
- type: "string"
- gmsaCredentialSpecName:
- description: "GMSACredentialSpecName is the name of the GMSA credential spec to use."
- type: "string"
- hostProcess:
- description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
- type: "boolean"
- runAsUserName:
- description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
- type: "string"
- type: "object"
- type: "object"
- startupProbe:
- description: "Probes are not allowed for ephemeral containers."
- properties:
- exec:
- description: "Exec specifies the action to take."
- properties:
- command:
- description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
- items:
- type: "string"
- type: "array"
- type: "object"
- failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
- format: "int32"
- type: "integer"
- grpc:
- description: "GRPC specifies an action involving a GRPC port."
- properties:
- port:
- description: "Port number of the gRPC service. Number must be in the range 1 to 65535."
- format: "int32"
- type: "integer"
- service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
- type: "string"
- required:
- - "port"
- type: "object"
- httpGet:
- description: "HTTPGet specifies the http request to perform."
- properties:
- host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
- type: "string"
- httpHeaders:
- description: "Custom headers to set in the request. HTTP allows repeated headers."
- items:
- description: "HTTPHeader describes a custom header to be used in HTTP probes"
- properties:
- name:
- description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
- type: "string"
- value:
- description: "The header field value"
- type: "string"
- required:
- - "name"
- - "value"
- type: "object"
- type: "array"
- path:
- description: "Path to access on the HTTP server."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- scheme:
- description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
- type: "string"
- required:
- - "port"
- type: "object"
- initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- periodSeconds:
- description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
- format: "int32"
- type: "integer"
- successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
- format: "int32"
- type: "integer"
- tcpSocket:
- description: "TCPSocket specifies an action involving a TCP port."
- properties:
- host:
- description: "Optional: Host name to connect to, defaults to the pod IP."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- required:
- - "port"
- type: "object"
- terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
- format: "int64"
- type: "integer"
- timeoutSeconds:
- description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- type: "object"
- stdin:
- description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false."
- type: "boolean"
- stdinOnce:
- description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false"
- type: "boolean"
- targetContainerName:
- description: "If set, the name of the container from PodSpec that this ephemeral container targets.\nThe ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.\nIf not set then the ephemeral container uses the namespaces configured in the Pod spec.\n\n\nThe container runtime must implement support for this feature. If the runtime does not\nsupport namespace targeting then the result of setting this field is undefined."
- type: "string"
- terminationMessagePath:
- description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated."
- type: "string"
- terminationMessagePolicy:
- description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated."
- type: "string"
- tty:
- description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false."
- type: "boolean"
- volumeDevices:
- description: "volumeDevices is the list of block devices to be used by the container."
- items:
- description: "volumeDevice describes a mapping of a raw block device within a container."
- properties:
- devicePath:
- description: "devicePath is the path inside of the container that the device will be mapped to."
- type: "string"
- name:
- description: "name must match the name of a persistentVolumeClaim in the pod"
- type: "string"
- required:
- - "devicePath"
- - "name"
- type: "object"
- type: "array"
- volumeMounts:
- description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.\nCannot be updated."
- items:
- description: "VolumeMount describes a mounting of a Volume within a container."
- properties:
- mountPath:
- description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'."
- type: "string"
- mountPropagation:
- description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10."
- type: "string"
- name:
- description: "This must match the Name of a Volume."
- type: "string"
- readOnly:
- description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
- type: "boolean"
- subPath:
- description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
- type: "string"
- subPathExpr:
- description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive."
- type: "string"
- required:
- - "mountPath"
- - "name"
- type: "object"
- type: "array"
- workingDir:
- description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- hostAliases:
- description: "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts\nfile if specified. This is only valid for non-hostNetwork pods."
- items:
- description: "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the\npod's hosts file."
- properties:
- hostnames:
- description: "Hostnames for the above IP address."
- items:
- type: "string"
- type: "array"
- ip:
- description: "IP address of the host file entry."
- type: "string"
- type: "object"
- type: "array"
- hostIPC:
- description: "Use the host's ipc namespace.\nOptional: Default to false."
- type: "boolean"
- hostNetwork:
- description: "Host networking requested for this pod. Use the host's network namespace.\nIf this option is set, the ports that will be used must be specified.\nDefault to false."
- type: "boolean"
- hostPID:
- description: "Use the host's pid namespace.\nOptional: Default to false."
- type: "boolean"
- hostUsers:
- description: "Use the host's user namespace.\nOptional: Default to true.\nIf set to true or not present, the pod will be run in the host user namespace, useful\nfor when the pod needs a feature only available to the host user namespace, such as\nloading a kernel module with CAP_SYS_MODULE.\nWhen set to false, a new userns is created for the pod. Setting false is useful for\nmitigating container breakout vulnerabilities even allowing users to run their\ncontainers as root without actually having root privileges on the host.\nThis field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature."
- type: "boolean"
- hostname:
- description: "Specifies the hostname of the Pod\nIf not specified, the pod's hostname will be set to a system-defined value."
- type: "string"
- imagePullSecrets:
- description: "ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec.\nIf specified, these secrets will be passed to individual puller implementations for them to use.\nMore info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod"
- items:
- description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace."
- properties:
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- type: "object"
- x-kubernetes-map-type: "atomic"
- type: "array"
- initContainers:
- description: "List of initialization containers belonging to the pod.\nInit containers are executed in order prior to containers being started. If any\ninit container fails, the pod is considered to have failed and is handled according\nto its restartPolicy. The name for an init container or normal container must be\nunique among all containers.\nInit containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.\nThe resourceRequirements of an init container are taken into account during scheduling\nby finding the highest request/limit for each resource type, and then using the max of\nof that value or the sum of the normal containers. Limits are applied to init containers\nin a similar fashion.\nInit containers cannot currently be added or removed.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/"
- items:
- description: "A single application container that you want to run within a pod."
- properties:
- args:
- description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
- items:
- type: "string"
- type: "array"
- command:
- description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
- items:
- type: "string"
- type: "array"
- env:
- description: "List of environment variables to set in the container.\nCannot be updated."
- items:
- description: "EnvVar represents an environment variable present in a Container."
- properties:
- name:
- description: "Name of the environment variable. Must be a C_IDENTIFIER."
- type: "string"
- value:
- description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
- type: "string"
- valueFrom:
- description: "Source for the environment variable's value. Cannot be used if value is not empty."
- properties:
- configMapKeyRef:
- description: "Selects a key of a ConfigMap."
- properties:
- key:
- description: "The key to select."
- type: "string"
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the ConfigMap or its key must be defined"
- type: "boolean"
- required:
- - "key"
- type: "object"
- x-kubernetes-map-type: "atomic"
- fieldRef:
- description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
- properties:
- apiVersion:
- description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
- type: "string"
- fieldPath:
- description: "Path of the field to select in the specified API version."
- type: "string"
- required:
- - "fieldPath"
- type: "object"
- x-kubernetes-map-type: "atomic"
- resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
- properties:
- containerName:
- description: "Container name: required for volumes, optional for env vars"
- type: "string"
- divisor:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Specifies the output format of the exposed resources, defaults to \"1\""
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- resource:
- description: "Required: resource to select"
- type: "string"
- required:
- - "resource"
- type: "object"
- x-kubernetes-map-type: "atomic"
- secretKeyRef:
- description: "Selects a key of a secret in the pod's namespace"
- properties:
- key:
- description: "The key of the secret to select from. Must be a valid secret key."
- type: "string"
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the Secret or its key must be defined"
- type: "boolean"
- required:
- - "key"
- type: "object"
- x-kubernetes-map-type: "atomic"
- type: "object"
- required:
- - "name"
- type: "object"
- type: "array"
- envFrom:
- description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
- items:
- description: "EnvFromSource represents the source of a set of ConfigMaps"
- properties:
- configMapRef:
- description: "The ConfigMap to select from"
- properties:
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the ConfigMap must be defined"
- type: "boolean"
- type: "object"
- x-kubernetes-map-type: "atomic"
- prefix:
- description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER."
- type: "string"
- secretRef:
- description: "The Secret to select from"
- properties:
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the Secret must be defined"
- type: "boolean"
- type: "object"
- x-kubernetes-map-type: "atomic"
- type: "object"
- type: "array"
- image:
- description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets."
- type: "string"
- imagePullPolicy:
- description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
- type: "string"
- lifecycle:
- description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated."
- properties:
- postStart:
- description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
- properties:
- exec:
- description: "Exec specifies the action to take."
- properties:
- command:
- description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
- items:
- type: "string"
- type: "array"
- type: "object"
- httpGet:
- description: "HTTPGet specifies the http request to perform."
- properties:
- host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
- type: "string"
- httpHeaders:
- description: "Custom headers to set in the request. HTTP allows repeated headers."
- items:
- description: "HTTPHeader describes a custom header to be used in HTTP probes"
- properties:
- name:
- description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
- type: "string"
- value:
- description: "The header field value"
- type: "string"
- required:
- - "name"
- - "value"
- type: "object"
- type: "array"
- path:
- description: "Path to access on the HTTP server."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- scheme:
- description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
- type: "string"
- required:
- - "port"
- type: "object"
- tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
- properties:
- host:
- description: "Optional: Host name to connect to, defaults to the pod IP."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- required:
- - "port"
- type: "object"
- type: "object"
- preStop:
- description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
- properties:
- exec:
- description: "Exec specifies the action to take."
- properties:
- command:
- description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
- items:
- type: "string"
- type: "array"
- type: "object"
- httpGet:
- description: "HTTPGet specifies the http request to perform."
- properties:
- host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
- type: "string"
- httpHeaders:
- description: "Custom headers to set in the request. HTTP allows repeated headers."
- items:
- description: "HTTPHeader describes a custom header to be used in HTTP probes"
- properties:
- name:
- description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
- type: "string"
- value:
- description: "The header field value"
- type: "string"
- required:
- - "name"
- - "value"
- type: "object"
- type: "array"
- path:
- description: "Path to access on the HTTP server."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- scheme:
- description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
- type: "string"
- required:
- - "port"
- type: "object"
- tcpSocket:
- description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
- properties:
- host:
- description: "Optional: Host name to connect to, defaults to the pod IP."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- required:
- - "port"
- type: "object"
- type: "object"
- type: "object"
- livenessProbe:
- description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- properties:
- exec:
- description: "Exec specifies the action to take."
- properties:
- command:
- description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
- items:
- type: "string"
- type: "array"
- type: "object"
- failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
- format: "int32"
- type: "integer"
- grpc:
- description: "GRPC specifies an action involving a GRPC port."
- properties:
- port:
- description: "Port number of the gRPC service. Number must be in the range 1 to 65535."
- format: "int32"
- type: "integer"
- service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
- type: "string"
- required:
- - "port"
- type: "object"
- httpGet:
- description: "HTTPGet specifies the http request to perform."
- properties:
- host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
- type: "string"
- httpHeaders:
- description: "Custom headers to set in the request. HTTP allows repeated headers."
- items:
- description: "HTTPHeader describes a custom header to be used in HTTP probes"
- properties:
- name:
- description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
- type: "string"
- value:
- description: "The header field value"
- type: "string"
- required:
- - "name"
- - "value"
- type: "object"
- type: "array"
- path:
- description: "Path to access on the HTTP server."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- scheme:
- description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
- type: "string"
- required:
- - "port"
- type: "object"
- initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- periodSeconds:
- description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
- format: "int32"
- type: "integer"
- successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
- format: "int32"
- type: "integer"
- tcpSocket:
- description: "TCPSocket specifies an action involving a TCP port."
- properties:
- host:
- description: "Optional: Host name to connect to, defaults to the pod IP."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- required:
- - "port"
- type: "object"
- terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
- format: "int64"
- type: "integer"
- timeoutSeconds:
- description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- type: "object"
- name:
- description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated."
- type: "string"
- ports:
- description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated."
- items:
- description: "ContainerPort represents a network port in a single container."
- properties:
- containerPort:
- description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536."
- format: "int32"
- type: "integer"
- hostIP:
- description: "What host IP to bind the external port to."
- type: "string"
- hostPort:
- description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this."
- format: "int32"
- type: "integer"
- name:
- description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services."
- type: "string"
- protocol:
- default: "TCP"
- description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"."
- type: "string"
- required:
- - "containerPort"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "containerPort"
- - "protocol"
- x-kubernetes-list-type: "map"
- readinessProbe:
- description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- properties:
- exec:
- description: "Exec specifies the action to take."
- properties:
- command:
- description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
- items:
- type: "string"
- type: "array"
- type: "object"
- failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
- format: "int32"
- type: "integer"
- grpc:
- description: "GRPC specifies an action involving a GRPC port."
- properties:
- port:
- description: "Port number of the gRPC service. Number must be in the range 1 to 65535."
- format: "int32"
- type: "integer"
- service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
- type: "string"
- required:
- - "port"
- type: "object"
- httpGet:
- description: "HTTPGet specifies the http request to perform."
- properties:
- host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
- type: "string"
- httpHeaders:
- description: "Custom headers to set in the request. HTTP allows repeated headers."
- items:
- description: "HTTPHeader describes a custom header to be used in HTTP probes"
- properties:
- name:
- description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
- type: "string"
- value:
- description: "The header field value"
- type: "string"
- required:
- - "name"
- - "value"
- type: "object"
- type: "array"
- path:
- description: "Path to access on the HTTP server."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- scheme:
- description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
- type: "string"
- required:
- - "port"
- type: "object"
- initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- periodSeconds:
- description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
- format: "int32"
- type: "integer"
- successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
- format: "int32"
- type: "integer"
- tcpSocket:
- description: "TCPSocket specifies an action involving a TCP port."
- properties:
- host:
- description: "Optional: Host name to connect to, defaults to the pod IP."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- required:
- - "port"
- type: "object"
- terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
- format: "int64"
- type: "integer"
- timeoutSeconds:
- description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- type: "object"
- resizePolicy:
- description: "Resources resize policy for the container."
- items:
- description: "ContainerResizePolicy represents resource resize policy for the container."
- properties:
- resourceName:
- description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory."
- type: "string"
- restartPolicy:
- description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired."
- type: "string"
- required:
- - "resourceName"
- - "restartPolicy"
- type: "object"
- type: "array"
- x-kubernetes-list-type: "atomic"
- resources:
- description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
- properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
- limits:
- additionalProperties:
- anyOf:
- - type: "integer"
- - type: "string"
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
- type: "object"
- requests:
- additionalProperties:
- anyOf:
- - type: "integer"
- - type: "string"
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
- type: "object"
- type: "object"
- restartPolicy:
- description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted."
- type: "string"
- securityContext:
- description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
- properties:
- allowPrivilegeEscalation:
- description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
- type: "boolean"
- capabilities:
- description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
- properties:
- add:
- description: "Added capabilities"
- items:
- description: "Capability represent POSIX capabilities type"
- type: "string"
- type: "array"
- drop:
- description: "Removed capabilities"
- items:
- description: "Capability represent POSIX capabilities type"
- type: "string"
- type: "array"
- type: "object"
- privileged:
- description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
- type: "boolean"
- procMount:
- description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows."
- type: "string"
- readOnlyRootFilesystem:
- description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows."
- type: "boolean"
- runAsGroup:
- description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
- format: "int64"
- type: "integer"
- runAsNonRoot:
- description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
- type: "boolean"
- runAsUser:
- description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
- format: "int64"
- type: "integer"
- seLinuxOptions:
- description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
- properties:
- level:
- description: "Level is SELinux level label that applies to the container."
- type: "string"
- role:
- description: "Role is a SELinux role label that applies to the container."
- type: "string"
- type:
- description: "Type is a SELinux type label that applies to the container."
- type: "string"
- user:
- description: "User is a SELinux user label that applies to the container."
- type: "string"
- type: "object"
- seccompProfile:
- description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows."
- properties:
- localhostProfile:
- description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
- type: "string"
- type:
- description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
- type: "string"
- required:
- - "type"
- type: "object"
- windowsOptions:
- description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
- properties:
- gmsaCredentialSpec:
- description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
- type: "string"
- gmsaCredentialSpecName:
- description: "GMSACredentialSpecName is the name of the GMSA credential spec to use."
- type: "string"
- hostProcess:
- description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
- type: "boolean"
- runAsUserName:
- description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
- type: "string"
- type: "object"
- type: "object"
- startupProbe:
- description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- properties:
- exec:
- description: "Exec specifies the action to take."
- properties:
- command:
- description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
- items:
- type: "string"
- type: "array"
- type: "object"
- failureThreshold:
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
- format: "int32"
- type: "integer"
- grpc:
- description: "GRPC specifies an action involving a GRPC port."
- properties:
- port:
- description: "Port number of the gRPC service. Number must be in the range 1 to 65535."
- format: "int32"
- type: "integer"
- service:
- description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC."
- type: "string"
- required:
- - "port"
- type: "object"
- httpGet:
- description: "HTTPGet specifies the http request to perform."
- properties:
- host:
- description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
- type: "string"
- httpHeaders:
- description: "Custom headers to set in the request. HTTP allows repeated headers."
- items:
- description: "HTTPHeader describes a custom header to be used in HTTP probes"
- properties:
- name:
- description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
- type: "string"
- value:
- description: "The header field value"
- type: "string"
- required:
- - "name"
- - "value"
- type: "object"
- type: "array"
- path:
- description: "Path to access on the HTTP server."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- scheme:
- description: "Scheme to use for connecting to the host.\nDefaults to HTTP."
- type: "string"
- required:
- - "port"
- type: "object"
- initialDelaySeconds:
- description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- periodSeconds:
- description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
- format: "int32"
- type: "integer"
- successThreshold:
- description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
- format: "int32"
- type: "integer"
- tcpSocket:
- description: "TCPSocket specifies an action involving a TCP port."
- properties:
- host:
- description: "Optional: Host name to connect to, defaults to the pod IP."
- type: "string"
- port:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
- x-kubernetes-int-or-string: true
- required:
- - "port"
- type: "object"
- terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
- format: "int64"
- type: "integer"
- timeoutSeconds:
- description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
- format: "int32"
- type: "integer"
- type: "object"
- stdin:
- description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false."
- type: "boolean"
- stdinOnce:
- description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false"
- type: "boolean"
- terminationMessagePath:
- description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated."
- type: "string"
- terminationMessagePolicy:
- description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated."
- type: "string"
- tty:
- description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false."
- type: "boolean"
- volumeDevices:
- description: "volumeDevices is the list of block devices to be used by the container."
- items:
- description: "volumeDevice describes a mapping of a raw block device within a container."
- properties:
- devicePath:
- description: "devicePath is the path inside of the container that the device will be mapped to."
- type: "string"
- name:
- description: "name must match the name of a persistentVolumeClaim in the pod"
- type: "string"
- required:
- - "devicePath"
- - "name"
- type: "object"
- type: "array"
- volumeMounts:
- description: "Pod volumes to mount into the container's filesystem.\nCannot be updated."
- items:
- description: "VolumeMount describes a mounting of a Volume within a container."
- properties:
- mountPath:
- description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'."
- type: "string"
- mountPropagation:
- description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10."
- type: "string"
- name:
- description: "This must match the Name of a Volume."
- type: "string"
- readOnly:
- description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
- type: "boolean"
- subPath:
- description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
- type: "string"
- subPathExpr:
- description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive."
- type: "string"
- required:
- - "mountPath"
- - "name"
- type: "object"
- type: "array"
- workingDir:
- description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- nodeName:
- description: "NodeName is a request to schedule this pod onto a specific node. If it is non-empty,\nthe scheduler simply schedules this pod onto that node, assuming that it fits resource\nrequirements."
- type: "string"
- nodeSelector:
- additionalProperties:
- type: "string"
- description: "NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/"
- type: "object"
- x-kubernetes-map-type: "atomic"
- os:
- description: "Specifies the OS of the containers in the pod.\nSome pod and container fields are restricted if this is set.\n\n\nIf the OS field is set to linux, the following fields must be unset:\n-securityContext.windowsOptions\n\n\nIf the OS field is set to windows, following fields must be unset:\n- spec.hostPID\n- spec.hostIPC\n- spec.hostUsers\n- spec.securityContext.seLinuxOptions\n- spec.securityContext.seccompProfile\n- spec.securityContext.fsGroup\n- spec.securityContext.fsGroupChangePolicy\n- spec.securityContext.sysctls\n- spec.shareProcessNamespace\n- spec.securityContext.runAsUser\n- spec.securityContext.runAsGroup\n- spec.securityContext.supplementalGroups\n- spec.containers[*].securityContext.seLinuxOptions\n- spec.containers[*].securityContext.seccompProfile\n- spec.containers[*].securityContext.capabilities\n- spec.containers[*].securityContext.readOnlyRootFilesystem\n- spec.containers[*].securityContext.privileged\n- spec.containers[*].securityContext.allowPrivilegeEscalation\n- spec.containers[*].securityContext.procMount\n- spec.containers[*].securityContext.runAsUser\n- spec.containers[*].securityContext.runAsGroup"
- properties:
- name:
- description: "Name is the name of the operating system. The currently supported values are linux and windows.\nAdditional value may be defined in future and can be one of:\nhttps://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration\nClients should expect to handle additional values and treat unrecognized values in this field as os: null"
- type: "string"
- required:
- - "name"
- type: "object"
- overhead:
- additionalProperties:
- anyOf:
- - type: "integer"
- - type: "string"
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- description: "Overhead represents the resource overhead associated with running a pod for a given RuntimeClass.\nThis field will be autopopulated at admission time by the RuntimeClass admission controller. If\nthe RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests.\nThe RuntimeClass admission controller will reject Pod create requests which have the overhead already\nset. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value\ndefined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero.\nMore info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md"
- type: "object"
- preemptionPolicy:
- description: "PreemptionPolicy is the Policy for preempting pods with lower priority.\nOne of Never, PreemptLowerPriority.\nDefaults to PreemptLowerPriority if unset."
- type: "string"
- priority:
- description: "The priority value. Various system components use this field to find the\npriority of the pod. When Priority Admission Controller is enabled, it\nprevents users from setting this field. The admission controller populates\nthis field from PriorityClassName.\nThe higher the value, the higher the priority."
- format: "int32"
- type: "integer"
- priorityClassName:
- description: "If specified, indicates the pod's priority. \"system-node-critical\" and\n\"system-cluster-critical\" are two special keywords which indicate the\nhighest priorities with the former being the highest priority. Any other\nname must be defined by creating a PriorityClass object with that name.\nIf not specified, the pod priority will be default or zero if there is no\ndefault."
- type: "string"
- readinessGates:
- description: "If specified, all readiness gates will be evaluated for pod readiness.\nA pod is ready when all its containers are ready AND\nall conditions specified in the readiness gates have status equal to \"True\"\nMore info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates"
- items:
- description: "PodReadinessGate contains the reference to a pod condition"
- properties:
- conditionType:
- description: "ConditionType refers to a condition in the pod's condition list with matching type."
- type: "string"
- required:
- - "conditionType"
- type: "object"
- type: "array"
- resourceClaims:
- description: "ResourceClaims defines which ResourceClaims must be allocated\nand reserved before the Pod is allowed to start. The resources\nwill be made available to those containers which consume them\nby name.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable."
- items:
- description: "PodResourceClaim references exactly one ResourceClaim through a ClaimSource.\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod.\nContainers that need access to the ResourceClaim reference it with this name."
- properties:
- name:
- description: "Name uniquely identifies this resource claim inside the pod.\nThis must be a DNS_LABEL."
- type: "string"
- source:
- description: "Source describes where to find the ResourceClaim."
- properties:
- resourceClaimName:
- description: "ResourceClaimName is the name of a ResourceClaim object in the same\nnamespace as this pod."
- type: "string"
- resourceClaimTemplateName:
- description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate\nobject in the same namespace as this pod.\n\n\nThe template will be used to create a new ResourceClaim, which will\nbe bound to this pod. When this pod is deleted, the ResourceClaim\nwill also be deleted. The pod name and resource name, along with a\ngenerated component, will be used to form a unique name for the\nResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\n\nThis field is immutable and no changes will be made to the\ncorresponding ResourceClaim by the control plane after creating the\nResourceClaim."
- type: "string"
- type: "object"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
- restartPolicy:
- description: "Restart policy for all containers within the pod.\nOne of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted.\nDefault to Always.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy"
- type: "string"
- runtimeClassName:
- description: "RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used\nto run this pod. If no RuntimeClass resource matches the named class, the pod will not be run.\nIf unset or empty, the \"legacy\" RuntimeClass will be used, which is an implicit class with an\nempty definition that uses the default runtime handler.\nMore info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class"
- type: "string"
- schedulerName:
- description: "If specified, the pod will be dispatched by specified scheduler.\nIf not specified, the pod will be dispatched by default scheduler."
- type: "string"
- schedulingGates:
- description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod.\nIf schedulingGates is not empty, the pod will stay in the SchedulingGated state and the\nscheduler will not attempt to schedule the pod.\n\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards.\n\n\nThis is a beta feature enabled by the PodSchedulingReadiness feature gate."
- items:
- description: "PodSchedulingGate is associated to a Pod to guard its scheduling."
- properties:
- name:
- description: "Name of the scheduling gate.\nEach scheduling gate must have a unique name field."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
- securityContext:
- description: "SecurityContext holds pod-level security attributes and common container settings.\nOptional: Defaults to empty. See type description for default values of each field."
- properties:
- fsGroup:
- description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows."
- format: "int64"
- type: "integer"
- fsGroupChangePolicy:
- description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows."
- type: "string"
- runAsGroup:
- description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
- format: "int64"
- type: "integer"
- runAsNonRoot:
- description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
- type: "boolean"
- runAsUser:
- description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
- format: "int64"
- type: "integer"
- seLinuxOptions:
- description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows."
- properties:
- level:
- description: "Level is SELinux level label that applies to the container."
- type: "string"
- role:
- description: "Role is a SELinux role label that applies to the container."
- type: "string"
- type:
- description: "Type is a SELinux type label that applies to the container."
- type: "string"
- user:
- description: "User is a SELinux user label that applies to the container."
- type: "string"
- type: "object"
- seccompProfile:
- description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows."
- properties:
- localhostProfile:
- description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
- type: "string"
- type:
- description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
- type: "string"
- required:
- - "type"
- type: "object"
- supplementalGroups:
- description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows."
- items:
- format: "int64"
- type: "integer"
- type: "array"
- sysctls:
- description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows."
- items:
- description: "Sysctl defines a kernel parameter to be set"
- properties:
- name:
- description: "Name of a property to set"
- type: "string"
- value:
- description: "Value of a property to set"
- type: "string"
- required:
- - "name"
- - "value"
- type: "object"
- type: "array"
- windowsOptions:
- description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
- properties:
- gmsaCredentialSpec:
- description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
- type: "string"
- gmsaCredentialSpecName:
- description: "GMSACredentialSpecName is the name of the GMSA credential spec to use."
- type: "string"
- hostProcess:
- description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
- type: "boolean"
- runAsUserName:
- description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
- type: "string"
- type: "object"
- type: "object"
- serviceAccount:
- description: "DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.\nDeprecated: Use serviceAccountName instead."
- type: "string"
- serviceAccountName:
- description: "ServiceAccountName is the name of the ServiceAccount to use to run this pod.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/"
- type: "string"
- setHostnameAsFQDN:
- description: "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default).\nIn Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname).\nIn Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Services\\\\Tcpip\\\\Parameters to FQDN.\nIf a pod does not have FQDN, this has no effect.\nDefault to false."
- type: "boolean"
- shareProcessNamespace:
- description: "Share a single process namespace between all of the containers in a pod.\nWhen this is set containers will be able to view and signal processes from other containers\nin the same pod, and the first process in each container will not be assigned PID 1.\nHostPID and ShareProcessNamespace cannot both be set.\nOptional: Default to false."
- type: "boolean"
- subdomain:
- description: "If specified, the fully qualified Pod hostname will be \"...svc.\".\nIf not specified, the pod will not have a domainname at all."
- type: "string"
- terminationGracePeriodSeconds:
- description: "Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nIf this value is nil, the default grace period will be used instead.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nDefaults to 30 seconds."
- format: "int64"
- type: "integer"
- tolerations:
- description: "If specified, the pod's tolerations."
- items:
- description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ."
- properties:
- effect:
- description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute."
- type: "string"
- key:
- description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys."
- type: "string"
- operator:
- description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category."
- type: "string"
- tolerationSeconds:
- description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system."
- format: "int64"
- type: "integer"
- value:
- description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string."
- type: "string"
- type: "object"
- type: "array"
- topologySpreadConstraints:
- description: "TopologySpreadConstraints describes how a group of pods ought to spread across topology\ndomains. Scheduler will schedule pods in a way which abides by the constraints.\nAll topologySpreadConstraints are ANDed."
- items:
- description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology."
- properties:
- labelSelector:
- description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain."
- properties:
- matchExpressions:
- description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
- items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
- properties:
- key:
- description: "key is the label key that the selector applies to."
- type: "string"
- operator:
- description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
- type: "string"
- values:
- description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
- items:
- type: "string"
- type: "array"
- required:
- - "key"
- - "operator"
- type: "object"
- type: "array"
- matchLabels:
- additionalProperties:
- type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
- type: "object"
- type: "object"
- x-kubernetes-map-type: "atomic"
- matchLabelKeys:
- description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
- items:
- type: "string"
- type: "array"
- x-kubernetes-list-type: "atomic"
- maxSkew:
- description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed."
- format: "int32"
- type: "integer"
- minDomains:
- description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
- format: "int32"
- type: "integer"
- nodeAffinityPolicy:
- description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
- type: "string"
- nodeTaintsPolicy:
- description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
- type: "string"
- topologyKey:
- description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field."
- type: "string"
- whenUnsatisfiable:
- description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field."
- type: "string"
- required:
- - "maxSkew"
- - "topologyKey"
- - "whenUnsatisfiable"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "topologyKey"
- - "whenUnsatisfiable"
- x-kubernetes-list-type: "map"
- volumes:
- description: "List of volumes that can be mounted by containers belonging to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes"
- items:
- description: "Volume represents a named volume in a pod that may be accessed by any container in the pod."
- properties:
- awsElasticBlockStore:
- description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
- properties:
- fsType:
- description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine"
- type: "string"
- partition:
- description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)."
- format: "int32"
- type: "integer"
- readOnly:
- description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
- type: "boolean"
- volumeID:
- description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
- type: "string"
- required:
- - "volumeID"
- type: "object"
- azureDisk:
- description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod."
- properties:
- cachingMode:
- description: "cachingMode is the Host Caching mode: None, Read Only, Read Write."
- type: "string"
- diskName:
- description: "diskName is the Name of the data disk in the blob storage"
- type: "string"
- diskURI:
- description: "diskURI is the URI of data disk in the blob storage"
- type: "string"
- fsType:
- description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
- type: "string"
- kind:
- description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared"
- type: "string"
- readOnly:
- description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
- type: "boolean"
- required:
- - "diskName"
- - "diskURI"
- type: "object"
- azureFile:
- description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod."
- properties:
- readOnly:
- description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
- type: "boolean"
- secretName:
- description: "secretName is the name of secret that contains Azure Storage Account Name and Key"
- type: "string"
- shareName:
- description: "shareName is the azure share Name"
- type: "string"
- required:
- - "secretName"
- - "shareName"
- type: "object"
- cephfs:
- description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime"
- properties:
- monitors:
- description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
- items:
- type: "string"
- type: "array"
- path:
- description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /"
- type: "string"
- readOnly:
- description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
- type: "boolean"
- secretFile:
- description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
- type: "string"
- secretRef:
- description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
- properties:
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- type: "object"
- x-kubernetes-map-type: "atomic"
- user:
- description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
- type: "string"
- required:
- - "monitors"
- type: "object"
- cinder:
- description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
- properties:
- fsType:
- description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
- type: "string"
- readOnly:
- description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
- type: "boolean"
- secretRef:
- description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack."
- properties:
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- type: "object"
- x-kubernetes-map-type: "atomic"
- volumeID:
- description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
- type: "string"
- required:
- - "volumeID"
- type: "object"
- configMap:
- description: "configMap represents a configMap that should populate this volume"
- properties:
- defaultMode:
- description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
- format: "int32"
- type: "integer"
- items:
- description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
- items:
- description: "Maps a string key to a path within a volume."
- properties:
- key:
- description: "key is the key to project."
- type: "string"
- mode:
- description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
- format: "int32"
- type: "integer"
- path:
- description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
- type: "string"
- required:
- - "key"
- - "path"
- type: "object"
- type: "array"
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "optional specify whether the ConfigMap or its keys must be defined"
- type: "boolean"
- type: "object"
- x-kubernetes-map-type: "atomic"
- csi:
- description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)."
- properties:
- driver:
- description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster."
- type: "string"
- fsType:
- description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply."
- type: "string"
- nodePublishSecretRef:
- description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed."
- properties:
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- type: "object"
- x-kubernetes-map-type: "atomic"
- readOnly:
- description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)."
- type: "boolean"
- volumeAttributes:
- additionalProperties:
- type: "string"
- description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values."
- type: "object"
- required:
- - "driver"
- type: "object"
- downwardAPI:
- description: "downwardAPI represents downward API about the pod that should populate this volume"
- properties:
- defaultMode:
- description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
- format: "int32"
- type: "integer"
- items:
- description: "Items is a list of downward API volume file"
- items:
- description: "DownwardAPIVolumeFile represents information to create the file containing the pod field"
- properties:
- fieldRef:
- description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported."
- properties:
- apiVersion:
- description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
- type: "string"
- fieldPath:
- description: "Path of the field to select in the specified API version."
- type: "string"
- required:
- - "fieldPath"
- type: "object"
- x-kubernetes-map-type: "atomic"
- mode:
- description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
- format: "int32"
- type: "integer"
- path:
- description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'"
- type: "string"
- resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
- properties:
- containerName:
- description: "Container name: required for volumes, optional for env vars"
- type: "string"
- divisor:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Specifies the output format of the exposed resources, defaults to \"1\""
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- resource:
- description: "Required: resource to select"
- type: "string"
- required:
- - "resource"
- type: "object"
- x-kubernetes-map-type: "atomic"
- required:
- - "path"
- type: "object"
- type: "array"
- type: "object"
- emptyDir:
- description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
- properties:
- medium:
- description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
- type: "string"
- sizeLimit:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- type: "object"
- ephemeral:
- description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time."
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil."
- properties:
- metadata:
- description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation."
- properties:
- annotations:
- additionalProperties:
- type: "string"
- type: "object"
- finalizers:
- items:
- type: "string"
- type: "array"
- labels:
- additionalProperties:
- type: "string"
- type: "object"
- name:
- type: "string"
- namespace:
- type: "string"
- type: "object"
- spec:
- description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here."
- properties:
- accessModes:
- description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1"
- items:
- type: "string"
- type: "array"
- dataSource:
- description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource."
- properties:
- apiGroup:
- description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required."
- type: "string"
- kind:
- description: "Kind is the type of resource being referenced"
- type: "string"
- name:
- description: "Name is the name of resource being referenced"
- type: "string"
- required:
- - "kind"
- - "name"
- type: "object"
- x-kubernetes-map-type: "atomic"
- dataSourceRef:
- description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
- properties:
- apiGroup:
- description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required."
- type: "string"
- kind:
- description: "Kind is the type of resource being referenced"
- type: "string"
- name:
- description: "Name is the name of resource being referenced"
- type: "string"
- namespace:
- description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
- type: "string"
- required:
- - "kind"
- - "name"
- type: "object"
- resources:
- description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
- properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
- limits:
- additionalProperties:
- anyOf:
- - type: "integer"
- - type: "string"
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
- type: "object"
- requests:
- additionalProperties:
- anyOf:
- - type: "integer"
- - type: "string"
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
- type: "object"
- type: "object"
- selector:
- description: "selector is a label query over volumes to consider for binding."
- properties:
- matchExpressions:
- description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
- items:
- description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
- properties:
- key:
- description: "key is the label key that the selector applies to."
- type: "string"
- operator:
- description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
- type: "string"
- values:
- description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
- items:
- type: "string"
- type: "array"
- required:
- - "key"
- - "operator"
- type: "object"
- type: "array"
- matchLabels:
- additionalProperties:
- type: "string"
- description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
- type: "object"
- type: "object"
- x-kubernetes-map-type: "atomic"
- storageClassName:
- description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
- type: "string"
- volumeMode:
- description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
- type: "string"
- volumeName:
- description: "volumeName is the binding reference to the PersistentVolume backing this claim."
- type: "string"
- type: "object"
- required:
- - "spec"
- type: "object"
- type: "object"
- fc:
- description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod."
- properties:
- fsType:
- description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine"
- type: "string"
- lun:
- description: "lun is Optional: FC target lun number"
- format: "int32"
- type: "integer"
- readOnly:
- description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
- type: "boolean"
- targetWWNs:
- description: "targetWWNs is Optional: FC target worldwide names (WWNs)"
- items:
- type: "string"
- type: "array"
- wwids:
- description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously."
- items:
- type: "string"
- type: "array"
- type: "object"
- flexVolume:
- description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin."
- properties:
- driver:
- description: "driver is the name of the driver to use for this volume."
- type: "string"
- fsType:
- description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script."
- type: "string"
- options:
- additionalProperties:
- type: "string"
- description: "options is Optional: this field holds extra command options if any."
- type: "object"
- readOnly:
- description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
- type: "boolean"
- secretRef:
- description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts."
- properties:
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- type: "object"
- x-kubernetes-map-type: "atomic"
- required:
- - "driver"
- type: "object"
- flocker:
- description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running"
- properties:
- datasetName:
- description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated"
- type: "string"
- datasetUUID:
- description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset"
- type: "string"
- type: "object"
- gcePersistentDisk:
- description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
- properties:
- fsType:
- description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine"
- type: "string"
- partition:
- description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
- format: "int32"
- type: "integer"
- pdName:
- description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
- type: "string"
- readOnly:
- description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
- type: "boolean"
- required:
- - "pdName"
- type: "object"
- gitRepo:
- description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container."
- properties:
- directory:
- description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name."
- type: "string"
- repository:
- description: "repository is the URL"
- type: "string"
- revision:
- description: "revision is the commit hash for the specified revision."
- type: "string"
- required:
- - "repository"
- type: "object"
- glusterfs:
- description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md"
- properties:
- endpoints:
- description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
- type: "string"
- path:
- description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
- type: "string"
- readOnly:
- description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
- type: "boolean"
- required:
- - "endpoints"
- - "path"
- type: "object"
- hostPath:
- description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write."
- properties:
- path:
- description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
- type: "string"
- type:
- description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
- type: "string"
- required:
- - "path"
- type: "object"
- iscsi:
- description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md"
- properties:
- chapAuthDiscovery:
- description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication"
- type: "boolean"
- chapAuthSession:
- description: "chapAuthSession defines whether support iSCSI Session CHAP authentication"
- type: "boolean"
- fsType:
- description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine"
- type: "string"
- initiatorName:
- description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection."
- type: "string"
- iqn:
- description: "iqn is the target iSCSI Qualified Name."
- type: "string"
- iscsiInterface:
- description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)."
- type: "string"
- lun:
- description: "lun represents iSCSI Target Lun number."
- format: "int32"
- type: "integer"
- portals:
- description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)."
- items:
- type: "string"
- type: "array"
- readOnly:
- description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false."
- type: "boolean"
- secretRef:
- description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication"
- properties:
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- type: "object"
- x-kubernetes-map-type: "atomic"
- targetPortal:
- description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)."
- type: "string"
- required:
- - "iqn"
- - "lun"
- - "targetPortal"
- type: "object"
- name:
- description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
- type: "string"
- nfs:
- description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
- properties:
- path:
- description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
- type: "string"
- readOnly:
- description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
- type: "boolean"
- server:
- description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
- type: "string"
- required:
- - "path"
- - "server"
- type: "object"
- persistentVolumeClaim:
- description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
- properties:
- claimName:
- description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
- type: "string"
- readOnly:
- description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false."
- type: "boolean"
- required:
- - "claimName"
- type: "object"
- photonPersistentDisk:
- description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine"
- properties:
- fsType:
- description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
- type: "string"
- pdID:
- description: "pdID is the ID that identifies Photon Controller persistent disk"
- type: "string"
- required:
- - "pdID"
- type: "object"
- portworxVolume:
- description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine"
- properties:
- fsType:
- description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified."
- type: "string"
- readOnly:
- description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
- type: "boolean"
- volumeID:
- description: "volumeID uniquely identifies a Portworx volume"
- type: "string"
- required:
- - "volumeID"
- type: "object"
- projected:
- description: "projected items for all in one resources secrets, configmaps, and downward API"
- properties:
- defaultMode:
- description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
- format: "int32"
- type: "integer"
- sources:
- description: "sources is the list of volume projections"
- items:
- description: "Projection that may be projected along with other supported volume types"
- properties:
- configMap:
- description: "configMap information about the configMap data to project"
- properties:
- items:
- description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
- items:
- description: "Maps a string key to a path within a volume."
- properties:
- key:
- description: "key is the key to project."
- type: "string"
- mode:
- description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
- format: "int32"
- type: "integer"
- path:
- description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
- type: "string"
- required:
- - "key"
- - "path"
- type: "object"
- type: "array"
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "optional specify whether the ConfigMap or its keys must be defined"
- type: "boolean"
- type: "object"
- x-kubernetes-map-type: "atomic"
- downwardAPI:
- description: "downwardAPI information about the downwardAPI data to project"
- properties:
- items:
- description: "Items is a list of DownwardAPIVolume file"
- items:
- description: "DownwardAPIVolumeFile represents information to create the file containing the pod field"
- properties:
- fieldRef:
- description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported."
- properties:
- apiVersion:
- description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
- type: "string"
- fieldPath:
- description: "Path of the field to select in the specified API version."
- type: "string"
- required:
- - "fieldPath"
- type: "object"
- x-kubernetes-map-type: "atomic"
- mode:
- description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
- format: "int32"
- type: "integer"
- path:
- description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'"
- type: "string"
- resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
- properties:
- containerName:
- description: "Container name: required for volumes, optional for env vars"
- type: "string"
- divisor:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Specifies the output format of the exposed resources, defaults to \"1\""
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- resource:
- description: "Required: resource to select"
- type: "string"
- required:
- - "resource"
- type: "object"
- x-kubernetes-map-type: "atomic"
- required:
- - "path"
- type: "object"
- type: "array"
- type: "object"
- secret:
- description: "secret information about the secret data to project"
- properties:
- items:
- description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
- items:
- description: "Maps a string key to a path within a volume."
- properties:
- key:
- description: "key is the key to project."
- type: "string"
- mode:
- description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
- format: "int32"
- type: "integer"
- path:
- description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
- type: "string"
- required:
- - "key"
- - "path"
- type: "object"
- type: "array"
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "optional field specify whether the Secret or its key must be defined"
- type: "boolean"
- type: "object"
- x-kubernetes-map-type: "atomic"
- serviceAccountToken:
- description: "serviceAccountToken is information about the serviceAccountToken data to project"
- properties:
- audience:
- description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver."
- type: "string"
- expirationSeconds:
- description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes."
- format: "int64"
- type: "integer"
- path:
- description: "path is the path relative to the mount point of the file to project the\ntoken into."
- type: "string"
- required:
- - "path"
- type: "object"
- type: "object"
- type: "array"
- type: "object"
- quobyte:
- description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime"
- properties:
- group:
- description: "group to map volume access to\nDefault is no group"
- type: "string"
- readOnly:
- description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false."
- type: "boolean"
- registry:
- description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes"
- type: "string"
- tenant:
- description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin"
- type: "string"
- user:
- description: "user to map volume access to\nDefaults to serivceaccount user"
- type: "string"
- volume:
- description: "volume is a string that references an already created Quobyte volume by name."
- type: "string"
- required:
- - "registry"
- - "volume"
- type: "object"
- rbd:
- description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md"
- properties:
- fsType:
- description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine"
- type: "string"
- image:
- description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
- type: "string"
- keyring:
- description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
- type: "string"
- monitors:
- description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
- items:
- type: "string"
- type: "array"
- pool:
- description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
- type: "string"
- readOnly:
- description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
- type: "boolean"
- secretRef:
- description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
- properties:
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- type: "object"
- x-kubernetes-map-type: "atomic"
- user:
- description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
- type: "string"
- required:
- - "image"
- - "monitors"
- type: "object"
- scaleIO:
- description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes."
- properties:
- fsType:
- description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"."
- type: "string"
- gateway:
- description: "gateway is the host address of the ScaleIO API Gateway."
- type: "string"
- protectionDomain:
- description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage."
- type: "string"
- readOnly:
- description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
- type: "boolean"
- secretRef:
- description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail."
- properties:
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- type: "object"
- x-kubernetes-map-type: "atomic"
- sslEnabled:
- description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false"
- type: "boolean"
- storageMode:
- description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned."
- type: "string"
- storagePool:
- description: "storagePool is the ScaleIO Storage Pool associated with the protection domain."
- type: "string"
- system:
- description: "system is the name of the storage system as configured in ScaleIO."
- type: "string"
- volumeName:
- description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source."
- type: "string"
- required:
- - "gateway"
- - "secretRef"
- - "system"
- type: "object"
- secret:
- description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
- properties:
- defaultMode:
- description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
- format: "int32"
- type: "integer"
- items:
- description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
- items:
- description: "Maps a string key to a path within a volume."
- properties:
- key:
- description: "key is the key to project."
- type: "string"
- mode:
- description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
- format: "int32"
- type: "integer"
- path:
- description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
- type: "string"
- required:
- - "key"
- - "path"
- type: "object"
- type: "array"
- optional:
- description: "optional field specify whether the Secret or its keys must be defined"
- type: "boolean"
- secretName:
- description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
- type: "string"
- type: "object"
- storageos:
- description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes."
- properties:
- fsType:
- description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
- type: "string"
- readOnly:
- description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
- type: "boolean"
- secretRef:
- description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted."
- properties:
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- type: "object"
- x-kubernetes-map-type: "atomic"
- volumeName:
- description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace."
- type: "string"
- volumeNamespace:
- description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created."
- type: "string"
- type: "object"
- vsphereVolume:
- description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine"
- properties:
- fsType:
- description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
- type: "string"
- storagePolicyID:
- description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName."
- type: "string"
- storagePolicyName:
- description: "storagePolicyName is the storage Policy Based Management (SPBM) profile name."
- type: "string"
- volumePath:
- description: "volumePath is the path that identifies vSphere volume vmdk"
- type: "string"
- required:
- - "volumePath"
- type: "object"
- required:
- - "name"
- type: "object"
- type: "array"
- required:
- - "containers"
- type: "object"
- x-kubernetes-preserve-unknown-fields: true
- postStartSpec:
- description: "Defines the command to be executed when the component is ready, and the command will only be executed once after\nthe component becomes ready."
- properties:
- cmdExecutorConfig:
- description: "Specifies the post-start command to be executed."
- properties:
- args:
- description: "Additional parameters used in the execution of the command."
- items:
- type: "string"
- type: "array"
- command:
- description: "The command to be executed."
- items:
- type: "string"
- minItems: 1
- type: "array"
- env:
- description: "A list of environment variables that will be injected into the command execution context."
- items:
- description: "EnvVar represents an environment variable present in a Container."
- properties:
- name:
- description: "Name of the environment variable. Must be a C_IDENTIFIER."
- type: "string"
- value:
- description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
- type: "string"
- valueFrom:
- description: "Source for the environment variable's value. Cannot be used if value is not empty."
- properties:
- configMapKeyRef:
- description: "Selects a key of a ConfigMap."
- properties:
- key:
- description: "The key to select."
- type: "string"
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the ConfigMap or its key must be defined"
- type: "boolean"
- required:
- - "key"
- type: "object"
- x-kubernetes-map-type: "atomic"
- fieldRef:
- description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
- properties:
- apiVersion:
- description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
- type: "string"
- fieldPath:
- description: "Path of the field to select in the specified API version."
- type: "string"
- required:
- - "fieldPath"
- type: "object"
- x-kubernetes-map-type: "atomic"
- resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
- properties:
- containerName:
- description: "Container name: required for volumes, optional for env vars"
- type: "string"
- divisor:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Specifies the output format of the exposed resources, defaults to \"1\""
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- resource:
- description: "Required: resource to select"
- type: "string"
- required:
- - "resource"
- type: "object"
- x-kubernetes-map-type: "atomic"
- secretKeyRef:
- description: "Selects a key of a secret in the pod's namespace"
- properties:
- key:
- description: "The key of the secret to select from. Must be a valid secret key."
- type: "string"
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the Secret or its key must be defined"
- type: "boolean"
- required:
- - "key"
- type: "object"
- x-kubernetes-map-type: "atomic"
- type: "object"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-preserve-unknown-fields: true
- image:
- description: "Specifies the image used to execute the command."
- type: "string"
- required:
- - "command"
- - "image"
- type: "object"
- scriptSpecSelectors:
- description: "Used to select the script that need to be referenced.\nWhen defined, the scripts defined in scriptSpecs can be referenced within the CmdExecutorConfig."
- items:
- properties:
- name:
- description: "Represents the name of the ScriptSpec referent."
- maxLength: 63
- pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$"
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- required:
- - "cmdExecutorConfig"
- type: "object"
- probes:
- description: "Settings for health checks."
- properties:
- roleProbe:
- description: "Specifies the probe used for checking the role of the component."
- properties:
- commands:
- description: "Commands used to execute for probe."
- properties:
- queries:
- description: "Defines read checks that are executed on the probe sidecar."
- items:
- type: "string"
- type: "array"
- writes:
- description: "Defines write checks that are executed on the probe sidecar."
- items:
- type: "string"
- type: "array"
- type: "object"
- failureThreshold:
- default: 3
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded."
- format: "int32"
- minimum: 2.0
- type: "integer"
- periodSeconds:
- default: 1
- description: "How often (in seconds) to perform the probe."
- format: "int32"
- minimum: 1.0
- type: "integer"
- timeoutSeconds:
- default: 1
- description: "Number of seconds after which the probe times out. Defaults to 1 second."
- format: "int32"
- minimum: 1.0
- type: "integer"
- type: "object"
- roleProbeTimeoutAfterPodsReady:
- description: "Defines the timeout (in seconds) for the role probe after all pods of the component are ready.\nThe system will check if the application is available in the pod.\nIf pods exceed the InitializationTimeoutSeconds time without a role label, this component will enter the\nFailed/Abnormal phase.\n\n\nNote that this configuration will only take effect if the component supports RoleProbe\nand will not affect the life cycle of the pod. default values are 60 seconds."
- format: "int32"
- minimum: 30.0
- type: "integer"
- runningProbe:
- description: "Specifies the probe used for checking the running status of the component."
- properties:
- commands:
- description: "Commands used to execute for probe."
- properties:
- queries:
- description: "Defines read checks that are executed on the probe sidecar."
- items:
- type: "string"
- type: "array"
- writes:
- description: "Defines write checks that are executed on the probe sidecar."
- items:
- type: "string"
- type: "array"
- type: "object"
- failureThreshold:
- default: 3
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded."
- format: "int32"
- minimum: 2.0
- type: "integer"
- periodSeconds:
- default: 1
- description: "How often (in seconds) to perform the probe."
- format: "int32"
- minimum: 1.0
- type: "integer"
- timeoutSeconds:
- default: 1
- description: "Number of seconds after which the probe times out. Defaults to 1 second."
- format: "int32"
- minimum: 1.0
- type: "integer"
- type: "object"
- statusProbe:
- description: "Specifies the probe used for checking the status of the component."
- properties:
- commands:
- description: "Commands used to execute for probe."
- properties:
- queries:
- description: "Defines read checks that are executed on the probe sidecar."
- items:
- type: "string"
- type: "array"
- writes:
- description: "Defines write checks that are executed on the probe sidecar."
- items:
- type: "string"
- type: "array"
- type: "object"
- failureThreshold:
- default: 3
- description: "Minimum consecutive failures for the probe to be considered failed after having succeeded."
- format: "int32"
- minimum: 2.0
- type: "integer"
- periodSeconds:
- default: 1
- description: "How often (in seconds) to perform the probe."
- format: "int32"
- minimum: 1.0
- type: "integer"
- timeoutSeconds:
- default: 1
- description: "Number of seconds after which the probe times out. Defaults to 1 second."
- format: "int32"
- minimum: 1.0
- type: "integer"
- type: "object"
- type: "object"
- replicationSpec:
- description: "Defines spec for `Replication` workloads."
- properties:
- llPodManagementPolicy:
- description: "Controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down.\n\n\n- `OrderedReady`: Creates pods in increasing order (pod-0, then pod-1, etc). The controller waits until each pod\nis ready before continuing. Pods are removed in reverse order when scaling down.\n- `Parallel`: Creates pods in parallel to match the desired scale without waiting. All pods are deleted at once\nwhen scaling down."
- type: "string"
- llUpdateStrategy:
- description: "Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon a\nrevision to the Template.\n`UpdateStrategy` will be ignored if this is provided."
- properties:
- rollingUpdate:
- description: "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType."
- properties:
- maxUnavailable:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding up. This can not be 0.\nDefaults to 1. This field is alpha-level and is only honored by servers that enable the\nMaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to\nReplicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it\nwill be counted towards MaxUnavailable."
- x-kubernetes-int-or-string: true
- partition:
- description: "Partition indicates the ordinal at which the StatefulSet should be partitioned\nfor updates. During a rolling update, all pods from ordinal Replicas-1 to\nPartition are updated. All pods from ordinal Partition-1 to 0 remain untouched.\nThis is helpful in being able to do a canary based deployment. The default value is 0."
- format: "int32"
- type: "integer"
- type: "object"
- type:
- description: "Type indicates the type of the StatefulSetUpdateStrategy.\nDefault is RollingUpdate."
- type: "string"
- type: "object"
- updateStrategy:
- default: "Serial"
- description: "Specifies the strategy for updating Pods.\nFor workloadType=`Consensus`, the update strategy can be one of the following:\n\n\n- `Serial`: Updates Members sequentially to minimize component downtime.\n- `BestEffortParallel`: Updates Members in parallel to minimize component write downtime. Majority remains online\nat all times.\n- `Parallel`: Forces parallel updates."
- enum:
- - "Serial"
- - "BestEffortParallel"
- - "Parallel"
- type: "string"
- type: "object"
- rsmSpec:
- description: "Defines workload spec of this component.\nFrom KB 0.7.0, RSM(InstanceSetSpec) will be the underlying CR which powers all kinds of workload in KB.\nRSM is an enhanced stateful workload extension dedicated for heavy-state workloads like databases."
- properties:
- memberUpdateStrategy:
- description: "Describes the strategy for updating Members (Pods).\n\n\n- `Serial`: Updates Members sequentially to ensure minimum component downtime.\n- `BestEffortParallel`: Updates Members in parallel to ensure minimum component write downtime.\n- `Parallel`: Forces parallel updates."
- enum:
- - "Serial"
- - "BestEffortParallel"
- - "Parallel"
- type: "string"
- membershipReconfiguration:
- description: "Indicates the actions required for dynamic membership reconfiguration."
- properties:
- logSyncAction:
- description: "Defines the action to trigger the new member to start log syncing.\nIf the Image is not configured, the Image from the previous non-nil action will be used."
- properties:
- args:
- description: "Additional parameters used to perform specific statements. This field is optional."
- items:
- type: "string"
- type: "array"
- command:
- description: "A set of instructions that will be executed within the Container to retrieve or process role information. This field is required."
- items:
- type: "string"
- type: "array"
- image:
- description: "Refers to the utility image that contains the command which can be utilized to retrieve or process role information."
- type: "string"
- required:
- - "command"
- type: "object"
- memberJoinAction:
- description: "Defines the action to add a member.\nIf the Image is not configured, the Image from the previous non-nil action will be used."
- properties:
- args:
- description: "Additional parameters used to perform specific statements. This field is optional."
- items:
- type: "string"
- type: "array"
- command:
- description: "A set of instructions that will be executed within the Container to retrieve or process role information. This field is required."
- items:
- type: "string"
- type: "array"
- image:
- description: "Refers to the utility image that contains the command which can be utilized to retrieve or process role information."
- type: "string"
- required:
- - "command"
- type: "object"
- memberLeaveAction:
- description: "Defines the action to remove a member.\nIf the Image is not configured, the Image from the previous non-nil action will be used."
- properties:
- args:
- description: "Additional parameters used to perform specific statements. This field is optional."
- items:
- type: "string"
- type: "array"
- command:
- description: "A set of instructions that will be executed within the Container to retrieve or process role information. This field is required."
- items:
- type: "string"
- type: "array"
- image:
- description: "Refers to the utility image that contains the command which can be utilized to retrieve or process role information."
- type: "string"
- required:
- - "command"
- type: "object"
- promoteAction:
- description: "Defines the action to inform the cluster that the new member can join voting now.\nIf the Image is not configured, the Image from the previous non-nil action will be used."
- properties:
- args:
- description: "Additional parameters used to perform specific statements. This field is optional."
- items:
- type: "string"
- type: "array"
- command:
- description: "A set of instructions that will be executed within the Container to retrieve or process role information. This field is required."
- items:
- type: "string"
- type: "array"
- image:
- description: "Refers to the utility image that contains the command which can be utilized to retrieve or process role information."
- type: "string"
- required:
- - "command"
- type: "object"
- switchoverAction:
- description: "Specifies the environment variables that can be used in all following Actions:\n- KB_ITS_USERNAME: Represents the username part of the credential\n- KB_ITS_PASSWORD: Represents the password part of the credential\n- KB_ITS_LEADER_HOST: Represents the leader host\n- KB_ITS_TARGET_HOST: Represents the target host\n- KB_ITS_SERVICE_PORT: Represents the service port\n\n\nDefines the action to perform a switchover.\nIf the Image is not configured, the latest [BusyBox](https://busybox.net/) image will be used."
- properties:
- args:
- description: "Additional parameters used to perform specific statements. This field is optional."
- items:
- type: "string"
- type: "array"
- command:
- description: "A set of instructions that will be executed within the Container to retrieve or process role information. This field is required."
- items:
- type: "string"
- type: "array"
- image:
- description: "Refers to the utility image that contains the command which can be utilized to retrieve or process role information."
- type: "string"
- required:
- - "command"
- type: "object"
- type: "object"
- roleProbe:
- description: "Defines the method used to probe a role."
- properties:
- builtinHandlerName:
- description: "Specifies the builtin handler name to use to probe the role of the main container.\nAvailable handlers include: mysql, postgres, mongodb, redis, etcd, kafka.\nUse CustomHandler to define a custom role probe function if none of the built-in handlers meet the requirement."
- type: "string"
- customHandler:
- description: "Defines a custom method for role probing.\nIf the BuiltinHandler meets the requirement, use it instead.\nActions defined here are executed in series.\nUpon completion of all actions, the final output should be a single string representing the role name defined in spec.Roles.\nThe latest [BusyBox](https://busybox.net/) image will be used if Image is not configured.\nEnvironment variables can be used in Command:\n- v_KB_ITS_LAST_STDOUT: stdout from the last action, watch for 'v_' prefix\n- KB_ITS_USERNAME: username part of the credential\n- KB_ITS_PASSWORD: password part of the credential"
- items:
- properties:
- args:
- description: "Additional parameters used to perform specific statements. This field is optional."
- items:
- type: "string"
- type: "array"
- command:
- description: "A set of instructions that will be executed within the Container to retrieve or process role information. This field is required."
- items:
- type: "string"
- type: "array"
- image:
- description: "Refers to the utility image that contains the command which can be utilized to retrieve or process role information."
- type: "string"
- required:
- - "command"
- type: "object"
- type: "array"
- failureThreshold:
- default: 3
- description: "Specifies the minimum number of consecutive failures for the probe to be considered failed after having succeeded."
- format: "int32"
- minimum: 1.0
- type: "integer"
- initialDelaySeconds:
- default: 0
- description: "Specifies the number of seconds to wait after the container has started before initiating role probing."
- format: "int32"
- minimum: 0.0
- type: "integer"
- periodSeconds:
- default: 2
- description: "Specifies the frequency (in seconds) of probe execution."
- format: "int32"
- minimum: 1.0
- type: "integer"
- roleUpdateMechanism:
- default: "ReadinessProbeEventUpdate"
- description: "Specifies the method for updating the pod role label."
- enum:
- - "ReadinessProbeEventUpdate"
- - "DirectAPIServerEventUpdate"
- type: "string"
- successThreshold:
- default: 1
- description: "Specifies the minimum number of consecutive successes for the probe to be considered successful after having failed."
- format: "int32"
- minimum: 1.0
- type: "integer"
- timeoutSeconds:
- default: 1
- description: "Specifies the number of seconds after which the probe times out."
- format: "int32"
- minimum: 1.0
- type: "integer"
- type: "object"
- roles:
- description: "Specifies a list of roles defined within the system."
- items:
- properties:
- accessMode:
- default: "ReadWrite"
- description: "Specifies the service capabilities of this member."
- enum:
- - "None"
- - "Readonly"
- - "ReadWrite"
- type: "string"
- canVote:
- default: true
- description: "Indicates if this member has voting rights."
- type: "boolean"
- isLeader:
- default: false
- description: "Determines if this member is the leader."
- type: "boolean"
- name:
- default: "leader"
- description: "Defines the role name of the replica."
- type: "string"
- required:
- - "accessMode"
- - "name"
- type: "object"
- type: "array"
- type: "object"
- scriptSpecs:
- description: "Defines the template of scripts."
- items:
- properties:
- defaultMode:
- description: "The operator attempts to set default file permissions for scripts (0555) and configurations (0444).\nHowever, certain database engines may require different file permissions.\nYou can specify the desired file permissions here.\n\n\nMust be specified as an octal value between 0000 and 0777 (inclusive),\nor as a decimal value between 0 and 511 (inclusive).\nYAML supports both octal and decimal values for file permissions.\n\n\nPlease note that this setting only affects the permissions of the files themselves.\nDirectories within the specified path are not impacted by this setting.\nIt's important to be aware that this setting might conflict with other options\nthat influence the file mode, such as fsGroup.\nIn such cases, the resulting file mode may have additional bits set.\nRefers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information."
- format: "int32"
- type: "integer"
- name:
- description: "Specifies the name of the configuration template."
- maxLength: 63
- pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$"
- type: "string"
- namespace:
- default: "default"
- description: "Specifies the namespace of the referenced configuration template ConfigMap object.\nAn empty namespace is equivalent to the \"default\" namespace."
- maxLength: 63
- pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$"
- type: "string"
- templateRef:
- description: "Specifies the name of the referenced configuration template ConfigMap object."
- maxLength: 63
- pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$"
- type: "string"
- volumeName:
- description: "Refers to the volume name of PodTemplate. The configuration file produced through the configuration\ntemplate will be mounted to the corresponding volume. Must be a DNS_LABEL name.\nThe volume name must be defined in podSpec.containers[*].volumeMounts."
- maxLength: 63
- pattern: "^[a-z]([a-z0-9\\-]*[a-z0-9])?$"
- type: "string"
- required:
- - "name"
- - "volumeName"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
- service:
- description: "Defines the service spec."
- properties:
- ports:
- description: "The list of ports that are exposed by this service.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies"
- items:
- description: "ServicePort is deprecated since v0.8."
- properties:
- appProtocol:
- description: "The application protocol for this port.\nThis field follows standard Kubernetes label syntax.\nUn-prefixed names are reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\nNon-standard protocols should use prefixed names such as\nmycompany.com/my-custom-protocol."
- type: "string"
- name:
- description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort."
- type: "string"
- port:
- description: "The port that will be exposed by this service."
- format: "int32"
- type: "integer"
- protocol:
- default: "TCP"
- description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\".\nDefault is TCP."
- enum:
- - "TCP"
- - "UDP"
- - "SCTP"
- type: "string"
- targetPort:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Number or name of the port to access on the pods targeted by the service.\n\n\nNumber must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.\n\n\n- If this is a string, it will be looked up as a named port in the target Pod's container ports.\n- If this is not specified, the value of the `port` field is used (an identity map).\n\n\nThis field is ignored for services with clusterIP=None, and should be\nomitted or set equal to the `port` field.\n\n\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service"
- x-kubernetes-int-or-string: true
- required:
- - "port"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "port"
- - "protocol"
- x-kubernetes-list-type: "map"
- type: "object"
- serviceRefDeclarations:
- description: "Used to declare the service reference of the current component."
- items:
- description: "ServiceRefDeclaration represents a reference to a service that can be either provided by a KubeBlocks Cluster\nor an external service.\nIt acts as a placeholder for the actual service reference, which is determined later when a Cluster is created.\n\n\nThe purpose of ServiceRefDeclaration is to declare a service dependency without specifying the concrete details\nof the service.\nIt allows for flexibility and abstraction in defining service references within a Component.\nBy using ServiceRefDeclaration, you can define service dependencies in a declarative manner, enabling loose coupling\nand easier management of service references across different components and clusters.\n\n\nUpon Cluster creation, the ServiceRefDeclaration is bound to an actual service through the ServiceRef field,\neffectively resolving and connecting to the specified service."
- properties:
- name:
- description: "Specifies the name of the ServiceRefDeclaration."
- type: "string"
- optional:
- description: "Specifies whether the service reference can be optional.\n\n\nFor an optional service-ref, the component can still be created even if the service-ref is not provided."
- type: "boolean"
- serviceRefDeclarationSpecs:
- description: "Defines a list of constraints and requirements for services that can be bound to this ServiceRefDeclaration\nupon Cluster creation.\nEach ServiceRefDeclarationSpec defines a ServiceKind and ServiceVersion,\noutlining the acceptable service types and versions that are compatible.\n\n\nThis flexibility allows a ServiceRefDeclaration to be fulfilled by any one of the provided specs.\nFor example, if it requires an OLTP database, specs for both MySQL and PostgreSQL are listed,\neither MySQL or PostgreSQL services can be used when binding."
- items:
- properties:
- serviceKind:
- description: "Specifies the type or nature of the service. This should be a well-known application cluster type, such as\n{mysql, redis, mongodb}.\nThe field is case-insensitive and supports abbreviations for some well-known databases.\nFor instance, both `zk` and `zookeeper` are considered as a ZooKeeper cluster, while `pg`, `postgres`, `postgresql`\nare all recognized as a PostgreSQL cluster."
- type: "string"
- serviceVersion:
- description: "Defines the service version of the service reference. This is a regular expression that matches a version number pattern.\nFor instance, `^8.0.8$`, `8.0.\\d{1,2}$`, `^[v\\-]*?(\\d{1,2}\\.){0,3}\\d{1,2}$` are all valid patterns."
- type: "string"
- required:
- - "serviceKind"
- - "serviceVersion"
- type: "object"
- type: "array"
- required:
- - "name"
- - "serviceRefDeclarationSpecs"
- type: "object"
- type: "array"
- statefulSpec:
- description: "Defines spec for `Stateful` workloads."
- properties:
- llPodManagementPolicy:
- description: "Controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down.\n\n\n- `OrderedReady`: Creates pods in increasing order (pod-0, then pod-1, etc). The controller waits until each pod\nis ready before continuing. Pods are removed in reverse order when scaling down.\n- `Parallel`: Creates pods in parallel to match the desired scale without waiting. All pods are deleted at once\nwhen scaling down."
- type: "string"
- llUpdateStrategy:
- description: "Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon a\nrevision to the Template.\n`UpdateStrategy` will be ignored if this is provided."
- properties:
- rollingUpdate:
- description: "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType."
- properties:
- maxUnavailable:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding up. This can not be 0.\nDefaults to 1. This field is alpha-level and is only honored by servers that enable the\nMaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to\nReplicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it\nwill be counted towards MaxUnavailable."
- x-kubernetes-int-or-string: true
- partition:
- description: "Partition indicates the ordinal at which the StatefulSet should be partitioned\nfor updates. During a rolling update, all pods from ordinal Replicas-1 to\nPartition are updated. All pods from ordinal Partition-1 to 0 remain untouched.\nThis is helpful in being able to do a canary based deployment. The default value is 0."
- format: "int32"
- type: "integer"
- type: "object"
- type:
- description: "Type indicates the type of the StatefulSetUpdateStrategy.\nDefault is RollingUpdate."
- type: "string"
- type: "object"
- updateStrategy:
- default: "Serial"
- description: "Specifies the strategy for updating Pods.\nFor workloadType=`Consensus`, the update strategy can be one of the following:\n\n\n- `Serial`: Updates Members sequentially to minimize component downtime.\n- `BestEffortParallel`: Updates Members in parallel to minimize component write downtime. Majority remains online\nat all times.\n- `Parallel`: Forces parallel updates."
- enum:
- - "Serial"
- - "BestEffortParallel"
- - "Parallel"
- type: "string"
- type: "object"
- statelessSpec:
- description: "Defines spec for `Stateless` workloads."
- properties:
- updateStrategy:
- description: "Specifies the deployment strategy that will be used to replace existing pods with new ones."
- properties:
- rollingUpdate:
- description: "Rolling update config params. Present only if DeploymentStrategyType =\nRollingUpdate.\n---\nTODO: Update this to follow our convention for oneOf, whatever we decide it\nto be."
- properties:
- maxSurge:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to 25%.\nExample: when this is set to 30%, the new ReplicaSet can be scaled up immediately when\nthe rolling update starts, such that the total number of old and new pods do not exceed\n130% of desired pods. Once old pods have been killed,\nnew ReplicaSet can be scaled up further, ensuring that total number of pods running\nat any time during the update is at most 130% of desired pods."
- x-kubernetes-int-or-string: true
- maxUnavailable:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to 25%.\nExample: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods\nimmediately when the rolling update starts. Once new pods are ready, old ReplicaSet\ncan be scaled down further, followed by scaling up the new ReplicaSet, ensuring\nthat the total number of pods available at all times during the update is at\nleast 70% of desired pods."
- x-kubernetes-int-or-string: true
- type: "object"
- type:
- description: "Type of deployment. Can be \"Recreate\" or \"RollingUpdate\". Default is RollingUpdate."
- type: "string"
- type: "object"
- type: "object"
- switchoverSpec:
- description: "Defines command to do switchover.\nIn particular, when workloadType=Replication, the command defined in switchoverSpec will only be executed under\nthe condition of cluster.componentSpecs[x].SwitchPolicy.type=Noop."
- properties:
- withCandidate:
- description: "Represents the action of switching over to a specified candidate primary or leader instance."
- properties:
- cmdExecutorConfig:
- description: "Specifies the switchover command."
- properties:
- args:
- description: "Additional parameters used in the execution of the command."
- items:
- type: "string"
- type: "array"
- command:
- description: "The command to be executed."
- items:
- type: "string"
- minItems: 1
- type: "array"
- env:
- description: "A list of environment variables that will be injected into the command execution context."
- items:
- description: "EnvVar represents an environment variable present in a Container."
- properties:
- name:
- description: "Name of the environment variable. Must be a C_IDENTIFIER."
- type: "string"
- value:
- description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
- type: "string"
- valueFrom:
- description: "Source for the environment variable's value. Cannot be used if value is not empty."
- properties:
- configMapKeyRef:
- description: "Selects a key of a ConfigMap."
- properties:
- key:
- description: "The key to select."
- type: "string"
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the ConfigMap or its key must be defined"
- type: "boolean"
- required:
- - "key"
- type: "object"
- x-kubernetes-map-type: "atomic"
- fieldRef:
- description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
- properties:
- apiVersion:
- description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
- type: "string"
- fieldPath:
- description: "Path of the field to select in the specified API version."
- type: "string"
- required:
- - "fieldPath"
- type: "object"
- x-kubernetes-map-type: "atomic"
- resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
- properties:
- containerName:
- description: "Container name: required for volumes, optional for env vars"
- type: "string"
- divisor:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Specifies the output format of the exposed resources, defaults to \"1\""
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- resource:
- description: "Required: resource to select"
- type: "string"
- required:
- - "resource"
- type: "object"
- x-kubernetes-map-type: "atomic"
- secretKeyRef:
- description: "Selects a key of a secret in the pod's namespace"
- properties:
- key:
- description: "The key of the secret to select from. Must be a valid secret key."
- type: "string"
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the Secret or its key must be defined"
- type: "boolean"
- required:
- - "key"
- type: "object"
- x-kubernetes-map-type: "atomic"
- type: "object"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-preserve-unknown-fields: true
- image:
- description: "Specifies the image used to execute the command."
- type: "string"
- required:
- - "command"
- - "image"
- type: "object"
- scriptSpecSelectors:
- description: "Used to select the script that need to be referenced.\nWhen defined, the scripts defined in scriptSpecs can be referenced within the SwitchoverAction.CmdExecutorConfig."
- items:
- properties:
- name:
- description: "Represents the name of the ScriptSpec referent."
- maxLength: 63
- pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$"
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- required:
- - "cmdExecutorConfig"
- type: "object"
- withoutCandidate:
- description: "Represents the action of switching over without specifying a candidate primary or leader instance."
- properties:
- cmdExecutorConfig:
- description: "Specifies the switchover command."
- properties:
- args:
- description: "Additional parameters used in the execution of the command."
- items:
- type: "string"
- type: "array"
- command:
- description: "The command to be executed."
- items:
- type: "string"
- minItems: 1
- type: "array"
- env:
- description: "A list of environment variables that will be injected into the command execution context."
- items:
- description: "EnvVar represents an environment variable present in a Container."
- properties:
- name:
- description: "Name of the environment variable. Must be a C_IDENTIFIER."
- type: "string"
- value:
- description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
- type: "string"
- valueFrom:
- description: "Source for the environment variable's value. Cannot be used if value is not empty."
- properties:
- configMapKeyRef:
- description: "Selects a key of a ConfigMap."
- properties:
- key:
- description: "The key to select."
- type: "string"
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the ConfigMap or its key must be defined"
- type: "boolean"
- required:
- - "key"
- type: "object"
- x-kubernetes-map-type: "atomic"
- fieldRef:
- description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
- properties:
- apiVersion:
- description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
- type: "string"
- fieldPath:
- description: "Path of the field to select in the specified API version."
- type: "string"
- required:
- - "fieldPath"
- type: "object"
- x-kubernetes-map-type: "atomic"
- resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
- properties:
- containerName:
- description: "Container name: required for volumes, optional for env vars"
- type: "string"
- divisor:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Specifies the output format of the exposed resources, defaults to \"1\""
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- resource:
- description: "Required: resource to select"
- type: "string"
- required:
- - "resource"
- type: "object"
- x-kubernetes-map-type: "atomic"
- secretKeyRef:
- description: "Selects a key of a secret in the pod's namespace"
- properties:
- key:
- description: "The key of the secret to select from. Must be a valid secret key."
- type: "string"
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the Secret or its key must be defined"
- type: "boolean"
- required:
- - "key"
- type: "object"
- x-kubernetes-map-type: "atomic"
- type: "object"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-preserve-unknown-fields: true
- image:
- description: "Specifies the image used to execute the command."
- type: "string"
- required:
- - "command"
- - "image"
- type: "object"
- scriptSpecSelectors:
- description: "Used to select the script that need to be referenced.\nWhen defined, the scripts defined in scriptSpecs can be referenced within the SwitchoverAction.CmdExecutorConfig."
- items:
- properties:
- name:
- description: "Represents the name of the ScriptSpec referent."
- maxLength: 63
- pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$"
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- required:
- - "cmdExecutorConfig"
- type: "object"
- type: "object"
- systemAccounts:
- description: "Defines system accounts needed to manage the component, and the statement to create them."
- properties:
- accounts:
- description: "Defines the configuration settings for system accounts."
- items:
- description: "SystemAccountConfig specifies how to create and delete system accounts.\n\n\nDeprecated since v0.9."
- properties:
- name:
- description: "The unique identifier of a system account."
- enum:
- - "kbadmin"
- - "kbdataprotection"
- - "kbprobe"
- - "kbmonitoring"
- - "kbreplicator"
- type: "string"
- provisionPolicy:
- description: "Outlines the strategy for creating the account."
- properties:
- scope:
- default: "AnyPods"
- description: "Defines the scope within which the account is provisioned."
- type: "string"
- secretRef:
- description: "The external secret to refer."
- properties:
- name:
- description: "The unique identifier of the secret."
- type: "string"
- namespace:
- description: "The namespace where the secret is located."
- type: "string"
- required:
- - "name"
- - "namespace"
- type: "object"
- statements:
- description: "The statement to provision an account."
- properties:
- creation:
- description: "Specifies the statement required to create a new account with the necessary privileges."
- type: "string"
- deletion:
- description: "Defines the statement required to delete an existing account.\nTypically used in conjunction with the creation statement to delete an account before recreating it.\nFor example, one might use a `drop user if exists` statement followed by a `create user` statement to ensure a fresh account.\n\n\nDeprecated: This field is deprecated and the update statement should be used instead."
- type: "string"
- update:
- description: "Defines the statement required to update the password of an existing account."
- type: "string"
- required:
- - "creation"
- type: "object"
- type:
- description: "Specifies the method to provision an account."
- enum:
- - "CreateByStmt"
- - "ReferToExisting"
- type: "string"
- required:
- - "scope"
- - "type"
- type: "object"
- required:
- - "name"
- - "provisionPolicy"
- type: "object"
- minItems: 1
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
- cmdExecutorConfig:
- description: "Configures how to obtain the client SDK and execute statements."
- properties:
- args:
- description: "Additional parameters used in the execution of the command."
- items:
- type: "string"
- type: "array"
- command:
- description: "The command to be executed."
- items:
- type: "string"
- minItems: 1
- type: "array"
- env:
- description: "A list of environment variables that will be injected into the command execution context."
- items:
- description: "EnvVar represents an environment variable present in a Container."
- properties:
- name:
- description: "Name of the environment variable. Must be a C_IDENTIFIER."
- type: "string"
- value:
- description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
- type: "string"
- valueFrom:
- description: "Source for the environment variable's value. Cannot be used if value is not empty."
- properties:
- configMapKeyRef:
- description: "Selects a key of a ConfigMap."
- properties:
- key:
- description: "The key to select."
- type: "string"
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the ConfigMap or its key must be defined"
- type: "boolean"
- required:
- - "key"
- type: "object"
- x-kubernetes-map-type: "atomic"
- fieldRef:
- description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
- properties:
- apiVersion:
- description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
- type: "string"
- fieldPath:
- description: "Path of the field to select in the specified API version."
- type: "string"
- required:
- - "fieldPath"
- type: "object"
- x-kubernetes-map-type: "atomic"
- resourceFieldRef:
- description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
- properties:
- containerName:
- description: "Container name: required for volumes, optional for env vars"
- type: "string"
- divisor:
- anyOf:
- - type: "integer"
- - type: "string"
- description: "Specifies the output format of the exposed resources, defaults to \"1\""
- pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$"
- x-kubernetes-int-or-string: true
- resource:
- description: "Required: resource to select"
- type: "string"
- required:
- - "resource"
- type: "object"
- x-kubernetes-map-type: "atomic"
- secretKeyRef:
- description: "Selects a key of a secret in the pod's namespace"
- properties:
- key:
- description: "The key of the secret to select from. Must be a valid secret key."
- type: "string"
- name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
- type: "string"
- optional:
- description: "Specify whether the Secret or its key must be defined"
- type: "boolean"
- required:
- - "key"
- type: "object"
- x-kubernetes-map-type: "atomic"
- type: "object"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-preserve-unknown-fields: true
- image:
- description: "Specifies the image used to execute the command."
- type: "string"
- required:
- - "command"
- - "image"
- type: "object"
- passwordConfig:
- description: "Defines the pattern used to generate passwords for system accounts."
- properties:
- length:
- default: 16
- description: "The length of the password."
- format: "int32"
- maximum: 32.0
- minimum: 8.0
- type: "integer"
- letterCase:
- default: "MixedCases"
- description: "The case of the letters in the password."
- enum:
- - "LowerCases"
- - "UpperCases"
- - "MixedCases"
- type: "string"
- numDigits:
- default: 4
- description: "The number of digits in the password."
- format: "int32"
- maximum: 8.0
- minimum: 0.0
- type: "integer"
- numSymbols:
- default: 0
- description: "The number of symbols in the password."
- format: "int32"
- maximum: 8.0
- minimum: 0.0
- type: "integer"
- seed:
- description: "Seed to generate the account's password.\nCannot be updated."
- type: "string"
- type: "object"
- required:
- - "accounts"
- - "cmdExecutorConfig"
- - "passwordConfig"
- type: "object"
- volumeProtectionSpec:
- description: "Defines settings to do volume protect."
- properties:
- highWatermark:
- default: 90
- description: "The high watermark threshold for volume space usage.\nIf there is any specified volumes who's space usage is over the threshold, the pre-defined \"LOCK\" action\nwill be triggered to degrade the service to protect volume from space exhaustion, such as to set the instance\nas read-only. And after that, if all volumes' space usage drops under the threshold later, the pre-defined\n\"UNLOCK\" action will be performed to recover the service normally."
- maximum: 100.0
- minimum: 0.0
- type: "integer"
- volumes:
- description: "The Volumes to be protected."
- items:
- description: "ProtectedVolume is deprecated since v0.9, replaced with ComponentVolume.HighWatermark."
- properties:
- highWatermark:
- description: "Defines the high watermark threshold for the volume, it will override the component level threshold.\nIf the value is invalid, it will be ignored and the component level threshold will be used."
- maximum: 100.0
- minimum: 0.0
- type: "integer"
- name:
- description: "The Name of the volume to protect."
- type: "string"
- type: "object"
- type: "array"
- type: "object"
- volumeTypes:
- description: "Used to describe the purpose of the volumes mapping the name of the VolumeMounts in the PodSpec.Container field,\nsuch as data volume, log volume, etc. When backing up the volume, the volume can be correctly backed up according\nto the volumeType.\n\n\nFor example:\n\n\n- `name: data, type: data` means that the volume named `data` is used to store `data`.\n- `name: binlog, type: log` means that the volume named `binlog` is used to store `log`.\n\n\nNOTE: When volumeTypes is not defined, the backup function will not be supported, even if a persistent volume has\nbeen specified."
- items:
- description: "VolumeTypeSpec is deprecated since v0.9, replaced with ComponentVolume."
- properties:
- name:
- description: "Corresponds to the name of the VolumeMounts field in PodSpec.Container."
- pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$"
- type: "string"
- type:
- description: "Type of data the volume will persistent."
- enum:
- - "data"
- - "log"
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
- workloadType:
- description: "Defines the type of the workload.\n\n\n- `Stateless` describes stateless applications.\n- `Stateful` describes common stateful applications.\n- `Consensus` describes applications based on consensus protocols, such as raft and paxos.\n- `Replication` describes applications based on the primary-secondary data replication protocol."
- enum:
- - "Stateless"
- - "Stateful"
- - "Consensus"
- - "Replication"
- type: "string"
- required:
- - "name"
- - "workloadType"
- type: "object"
- x-kubernetes-validations:
- - message: "componentDefs.consensusSpec(deprecated) or componentDefs.rsmSpec(recommended) is required when componentDefs.workloadType is Consensus, and forbidden otherwise"
- rule: "has(self.workloadType) && self.workloadType == 'Consensus' ? (has(self.consensusSpec) || has(self.rsmSpec)) : !has(self.consensusSpec)"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
- connectionCredential:
- additionalProperties:
- type: "string"
- description: "Connection credential template used for creating a connection credential secret for cluster objects.\n\n\nBuilt-in objects are:\n\n\n- `$(RANDOM_PASSWD)` random 8 characters.\n- `$(STRONG_RANDOM_PASSWD)` random 16 characters, with mixed cases, digits and symbols.\n- `$(UUID)` generate a random UUID v4 string.\n- `$(UUID_B64)` generate a random UUID v4 BASE64 encoded string.\n- `$(UUID_STR_B64)` generate a random UUID v4 string then BASE64 encoded.\n- `$(UUID_HEX)` generate a random UUID v4 HEX representation.\n- `$(HEADLESS_SVC_FQDN)` headless service FQDN placeholder, value pattern is `$(CLUSTER_NAME)-$(1ST_COMP_NAME)-headless.$(NAMESPACE).svc`,\n where 1ST_COMP_NAME is the 1st component that provide `ClusterDefinition.spec.componentDefs[].service` attribute;\n- `$(SVC_FQDN)` service FQDN placeholder, value pattern is `$(CLUSTER_NAME)-$(1ST_COMP_NAME).$(NAMESPACE).svc`,\n where 1ST_COMP_NAME is the 1st component that provide `ClusterDefinition.spec.componentDefs[].service` attribute;\n- `$(SVC_PORT_{PORT-NAME})` is ServicePort's port value with specified port name, i.e, a servicePort JSON struct:\n `{\"name\": \"mysql\", \"targetPort\": \"mysqlContainerPort\", \"port\": 3306}`, and `$(SVC_PORT_mysql)` in the\n connection credential value is 3306.\n\n\nDeprecated since v0.9.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases."
- type: "object"
topologies:
description: "Topologies defines all possible topologies within the cluster."
items:
diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusters.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusters.yaml
index 91aa60c49..e94a99106 100644
--- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusters.yaml
+++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusters.yaml
@@ -613,7 +613,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -643,6 +643,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -700,7 +712,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -730,6 +742,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -786,7 +810,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -816,6 +840,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -873,7 +909,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -903,6 +939,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -1071,21 +1119,6 @@ spec:
resources:
description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources."
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -1471,21 +1504,6 @@ spec:
resources:
description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -1539,6 +1557,9 @@ spec:
storageClassName:
description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
+ volumeAttributesClassName:
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ type: "string"
volumeMode:
description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
@@ -1793,6 +1814,55 @@ spec:
items:
description: "Projection that may be projected along with other supported volume types"
properties:
+ clusterTrustBundle:
+ description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time."
+ properties:
+ labelSelector:
+ description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ name:
+ description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector."
+ type: "string"
+ optional:
+ description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles."
+ type: "boolean"
+ path:
+ description: "Relative path from the volume root to write the bundle."
+ type: "string"
+ signerName:
+ description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated."
+ type: "string"
+ required:
+ - "path"
+ type: "object"
configMap:
description: "configMap information about the configMap data to project"
properties:
@@ -2369,7 +2439,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -2399,6 +2469,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -2456,7 +2538,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -2486,6 +2568,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -2542,7 +2636,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -2572,6 +2666,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -2629,7 +2735,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -2659,6 +2765,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -2905,7 +3023,7 @@ spec:
description: "Stop the Component.\nIf set, all the computing resources will be released."
type: "boolean"
switchPolicy:
- description: "Defines the strategy for switchover and failover when workloadType is Replication.\n\n\nDeprecated since v0.9.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases."
+ description: "Defines the strategy for switchover and failover.\n\n\nDeprecated since v0.9.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases."
properties:
type:
default: "Noop"
@@ -3166,21 +3284,6 @@ spec:
resources:
description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources."
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -3538,21 +3641,6 @@ spec:
resources:
description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -3606,6 +3694,9 @@ spec:
storageClassName:
description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
+ volumeAttributesClassName:
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ type: "string"
volumeMode:
description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
@@ -3860,6 +3951,55 @@ spec:
items:
description: "Projection that may be projected along with other supported volume types"
properties:
+ clusterTrustBundle:
+ description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time."
+ properties:
+ labelSelector:
+ description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ name:
+ description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector."
+ type: "string"
+ optional:
+ description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles."
+ type: "boolean"
+ path:
+ description: "Relative path from the volume root to write the bundle."
+ type: "string"
+ signerName:
+ description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated."
+ type: "string"
+ required:
+ - "path"
+ type: "object"
configMap:
description: "configMap information about the configMap data to project"
properties:
@@ -4368,7 +4508,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -4398,6 +4538,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -4455,7 +4607,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -4485,6 +4637,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -4541,7 +4705,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -4571,6 +4735,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -4628,7 +4804,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -4658,6 +4834,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -4895,7 +5083,7 @@ spec:
description: "ServicePort contains information on service's port."
properties:
appProtocol:
- description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol."
+ description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol."
type: "string"
name:
description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort.\nOptional if only one ServicePort is defined on this service."
@@ -5453,7 +5641,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -5483,6 +5671,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -5540,7 +5740,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -5570,6 +5770,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -5626,7 +5838,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -5656,6 +5868,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -5713,7 +5937,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -5743,6 +5967,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -5911,21 +6147,6 @@ spec:
resources:
description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources."
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -6311,21 +6532,6 @@ spec:
resources:
description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -6379,6 +6585,9 @@ spec:
storageClassName:
description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
+ volumeAttributesClassName:
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ type: "string"
volumeMode:
description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
@@ -6633,6 +6842,55 @@ spec:
items:
description: "Projection that may be projected along with other supported volume types"
properties:
+ clusterTrustBundle:
+ description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time."
+ properties:
+ labelSelector:
+ description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ name:
+ description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector."
+ type: "string"
+ optional:
+ description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles."
+ type: "boolean"
+ path:
+ description: "Relative path from the volume root to write the bundle."
+ type: "string"
+ signerName:
+ description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated."
+ type: "string"
+ required:
+ - "path"
+ type: "object"
configMap:
description: "configMap information about the configMap data to project"
properties:
@@ -7209,7 +7467,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -7239,6 +7497,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -7296,7 +7566,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -7326,6 +7596,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -7382,7 +7664,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -7412,6 +7694,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -7469,7 +7763,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -7499,6 +7793,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -7745,7 +8051,7 @@ spec:
description: "Stop the Component.\nIf set, all the computing resources will be released."
type: "boolean"
switchPolicy:
- description: "Defines the strategy for switchover and failover when workloadType is Replication.\n\n\nDeprecated since v0.9.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases."
+ description: "Defines the strategy for switchover and failover.\n\n\nDeprecated since v0.9.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases."
properties:
type:
default: "Noop"
@@ -8006,21 +8312,6 @@ spec:
resources:
description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources."
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -8378,21 +8669,6 @@ spec:
resources:
description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -8446,6 +8722,9 @@ spec:
storageClassName:
description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
+ volumeAttributesClassName:
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ type: "string"
volumeMode:
description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
@@ -8700,6 +8979,55 @@ spec:
items:
description: "Projection that may be projected along with other supported volume types"
properties:
+ clusterTrustBundle:
+ description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time."
+ properties:
+ labelSelector:
+ description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ name:
+ description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector."
+ type: "string"
+ optional:
+ description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles."
+ type: "boolean"
+ path:
+ description: "Relative path from the volume root to write the bundle."
+ type: "string"
+ signerName:
+ description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated."
+ type: "string"
+ required:
+ - "path"
+ type: "object"
configMap:
description: "configMap information about the configMap data to project"
properties:
diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/componentdefinitions.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/componentdefinitions.yaml
index c9dda7f9c..076b1b172 100644
--- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/componentdefinitions.yaml
+++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/componentdefinitions.yaml
@@ -2386,7 +2386,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -2416,6 +2416,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -2473,7 +2485,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -2503,6 +2515,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -2559,7 +2583,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -2589,6 +2613,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -2646,7 +2682,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -2676,6 +2712,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -2913,6 +2961,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -2978,6 +3036,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -3766,6 +3834,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -3831,6 +3909,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -4631,6 +4719,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -4696,6 +4794,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -5889,21 +5997,6 @@ spec:
resources:
description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -5957,6 +6050,9 @@ spec:
storageClassName:
description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
+ volumeAttributesClassName:
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ type: "string"
volumeMode:
description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
@@ -6211,6 +6307,55 @@ spec:
items:
description: "Projection that may be projected along with other supported volume types"
properties:
+ clusterTrustBundle:
+ description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time."
+ properties:
+ labelSelector:
+ description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ name:
+ description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector."
+ type: "string"
+ optional:
+ description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles."
+ type: "boolean"
+ path:
+ description: "Relative path from the volume root to write the bundle."
+ type: "string"
+ signerName:
+ description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated."
+ type: "string"
+ required:
+ - "path"
+ type: "object"
configMap:
description: "configMap information about the configMap data to project"
properties:
@@ -6700,7 +6845,7 @@ spec:
description: "ServicePort contains information on service's port."
properties:
appProtocol:
- description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol."
+ description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol."
type: "string"
name:
description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort.\nOptional if only one ServicePort is defined on this service."
diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/components.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/components.yaml
index 176b9e8fe..97b046f3b 100644
--- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/components.yaml
+++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/components.yaml
@@ -518,7 +518,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -548,6 +548,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -605,7 +617,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -635,6 +647,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -691,7 +715,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -721,6 +745,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -778,7 +814,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -808,6 +844,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -976,21 +1024,6 @@ spec:
resources:
description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources."
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -1376,21 +1409,6 @@ spec:
resources:
description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -1444,6 +1462,9 @@ spec:
storageClassName:
description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
+ volumeAttributesClassName:
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ type: "string"
volumeMode:
description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
@@ -1698,6 +1719,55 @@ spec:
items:
description: "Projection that may be projected along with other supported volume types"
properties:
+ clusterTrustBundle:
+ description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time."
+ properties:
+ labelSelector:
+ description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ name:
+ description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector."
+ type: "string"
+ optional:
+ description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles."
+ type: "boolean"
+ path:
+ description: "Relative path from the volume root to write the bundle."
+ type: "string"
+ signerName:
+ description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated."
+ type: "string"
+ required:
+ - "path"
+ type: "object"
configMap:
description: "configMap information about the configMap data to project"
properties:
@@ -2228,7 +2298,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -2258,6 +2328,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -2315,7 +2397,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -2345,6 +2427,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -2401,7 +2495,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -2431,6 +2525,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -2488,7 +2594,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -2518,6 +2624,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -2820,7 +2938,7 @@ spec:
description: "ServicePort contains information on service's port."
properties:
appProtocol:
- description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol."
+ description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol."
type: "string"
name:
description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort.\nOptional if only one ServicePort is defined on this service."
@@ -3034,21 +3152,6 @@ spec:
resources:
description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources."
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -3406,21 +3509,6 @@ spec:
resources:
description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -3474,6 +3562,9 @@ spec:
storageClassName:
description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
+ volumeAttributesClassName:
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ type: "string"
volumeMode:
description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
@@ -3728,6 +3819,55 @@ spec:
items:
description: "Projection that may be projected along with other supported volume types"
properties:
+ clusterTrustBundle:
+ description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time."
+ properties:
+ labelSelector:
+ description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ name:
+ description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector."
+ type: "string"
+ optional:
+ description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles."
+ type: "boolean"
+ path:
+ description: "Relative path from the volume root to write the bundle."
+ type: "string"
+ signerName:
+ description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated."
+ type: "string"
+ required:
+ - "path"
+ type: "object"
configMap:
description: "configMap information about the configMap data to project"
properties:
diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsdefinitions.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsdefinitions.yaml
index 79bef72b4..3e281c236 100644
--- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsdefinitions.yaml
+++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsdefinitions.yaml
@@ -335,7 +335,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -365,6 +365,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -422,7 +434,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -452,6 +464,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -508,7 +532,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -538,6 +562,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -595,7 +631,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -625,6 +661,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -862,6 +910,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -927,6 +985,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -1715,6 +1783,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -1780,6 +1858,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -2580,6 +2668,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -2645,6 +2743,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -3838,21 +3946,6 @@ spec:
resources:
description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -3906,6 +3999,9 @@ spec:
storageClassName:
description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
+ volumeAttributesClassName:
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ type: "string"
volumeMode:
description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
@@ -4160,6 +4256,55 @@ spec:
items:
description: "Projection that may be projected along with other supported volume types"
properties:
+ clusterTrustBundle:
+ description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time."
+ properties:
+ labelSelector:
+ description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ name:
+ description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector."
+ type: "string"
+ optional:
+ description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles."
+ type: "boolean"
+ path:
+ description: "Relative path from the volume root to write the bundle."
+ type: "string"
+ signerName:
+ description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated."
+ type: "string"
+ required:
+ - "path"
+ type: "object"
configMap:
description: "configMap information about the configMap data to project"
properties:
diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsrequests.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsrequests.yaml
index 8d26cce84..8f78cf5ea 100644
--- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsrequests.yaml
+++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsrequests.yaml
@@ -176,6 +176,10 @@ spec:
- "components"
- "opsDefinitionName"
type: "object"
+ enqueueOnForce:
+ default: false
+ description: "Indicates whether opsRequest should continue to queue when 'force' is set to true."
+ type: "boolean"
expose:
description: "Lists Expose objects, each specifying a Component and its services to be exposed."
items:
@@ -218,7 +222,7 @@ spec:
description: "ServicePort contains information on service's port."
properties:
appProtocol:
- description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol."
+ description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol."
type: "string"
name:
description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort.\nOptional if only one ServicePort is defined on this service."
@@ -638,7 +642,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -668,6 +672,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -725,7 +741,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -755,6 +771,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -811,7 +839,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -841,6 +869,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -898,7 +938,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -928,6 +968,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -1096,21 +1148,6 @@ spec:
resources:
description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources."
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -1496,21 +1533,6 @@ spec:
resources:
description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -1564,6 +1586,9 @@ spec:
storageClassName:
description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
+ volumeAttributesClassName:
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ type: "string"
volumeMode:
description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
@@ -1818,6 +1843,55 @@ spec:
items:
description: "Projection that may be projected along with other supported volume types"
properties:
+ clusterTrustBundle:
+ description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time."
+ properties:
+ labelSelector:
+ description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ name:
+ description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector."
+ type: "string"
+ optional:
+ description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles."
+ type: "boolean"
+ path:
+ description: "Relative path from the volume root to write the bundle."
+ type: "string"
+ signerName:
+ description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated."
+ type: "string"
+ required:
+ - "path"
+ type: "object"
configMap:
description: "configMap information about the configMap data to project"
properties:
@@ -3024,14 +3098,6 @@ spec:
description: "Provides an explanation for the Component being in its current state."
maxLength: 1024
type: "string"
- workloadType:
- description: "Records the workload type of Component in ClusterDefinition.\nDeprecated and should be removed in the future version."
- enum:
- - "Stateless"
- - "Stateful"
- - "Consensus"
- - "Replication"
- type: "string"
type: "object"
description: "Records the status information of Components changed due to the OpsRequest."
type: "object"
@@ -3407,7 +3473,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -3437,6 +3503,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -3494,7 +3572,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -3524,6 +3602,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -3580,7 +3670,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -3610,6 +3700,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -3667,7 +3769,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -3697,6 +3799,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -3865,21 +3979,6 @@ spec:
resources:
description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources."
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -4265,21 +4364,6 @@ spec:
resources:
description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -4333,6 +4417,9 @@ spec:
storageClassName:
description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
+ volumeAttributesClassName:
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ type: "string"
volumeMode:
description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
@@ -4587,6 +4674,55 @@ spec:
items:
description: "Projection that may be projected along with other supported volume types"
properties:
+ clusterTrustBundle:
+ description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time."
+ properties:
+ labelSelector:
+ description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ name:
+ description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector."
+ type: "string"
+ optional:
+ description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles."
+ type: "boolean"
+ path:
+ description: "Relative path from the volume root to write the bundle."
+ type: "string"
+ signerName:
+ description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated."
+ type: "string"
+ required:
+ - "path"
+ type: "object"
configMap:
description: "configMap information about the configMap data to project"
properties:
diff --git a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backuppolicies.yaml b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backuppolicies.yaml
index 6d9ab8138..9e4691592 100644
--- a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backuppolicies.yaml
+++ b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backuppolicies.yaml
@@ -226,6 +226,37 @@ spec:
podSelector:
description: "Used to find the target pod. The volumes of the target pod will be backed up."
properties:
+ fallbackLabelSelector:
+ description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
@@ -381,6 +412,37 @@ spec:
podSelector:
description: "Used to find the target pod. The volumes of the target pod will be backed up."
properties:
+ fallbackLabelSelector:
+ description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
@@ -541,6 +603,37 @@ spec:
podSelector:
description: "Used to find the target pod. The volumes of the target pod will be backed up."
properties:
+ fallbackLabelSelector:
+ description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
@@ -659,6 +752,37 @@ spec:
podSelector:
description: "Used to find the target pod. The volumes of the target pod will be backed up."
properties:
+ fallbackLabelSelector:
+ description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
diff --git a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backups.yaml b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backups.yaml
index f375cf6bb..c9d850275 100644
--- a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backups.yaml
+++ b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backups.yaml
@@ -372,6 +372,37 @@ spec:
podSelector:
description: "Used to find the target pod. The volumes of the target pod will be backed up."
properties:
+ fallbackLabelSelector:
+ description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
@@ -527,6 +558,37 @@ spec:
podSelector:
description: "Used to find the target pod. The volumes of the target pod will be backed up."
properties:
+ fallbackLabelSelector:
+ description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
@@ -729,6 +791,37 @@ spec:
podSelector:
description: "Used to find the target pod. The volumes of the target pod will be backed up."
properties:
+ fallbackLabelSelector:
+ description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
@@ -852,6 +945,37 @@ spec:
podSelector:
description: "Used to find the target pod. The volumes of the target pod will be backed up."
properties:
+ fallbackLabelSelector:
+ description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
diff --git a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/restores.yaml b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/restores.yaml
index 806e670fb..666f87a75 100644
--- a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/restores.yaml
+++ b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/restores.yaml
@@ -379,7 +379,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -409,6 +409,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -466,7 +478,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -496,6 +508,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -552,7 +576,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -582,6 +606,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -639,7 +675,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -669,6 +705,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -902,21 +950,6 @@ spec:
resources:
description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -970,6 +1003,9 @@ spec:
storageClassName:
description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
+ volumeAttributesClassName:
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ type: "string"
volumeMode:
description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
@@ -1078,21 +1114,6 @@ spec:
resources:
description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -1146,6 +1167,9 @@ spec:
storageClassName:
description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
+ volumeAttributesClassName:
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ type: "string"
volumeMode:
description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
@@ -1270,6 +1294,37 @@ spec:
podSelector:
description: "Selects one of the pods, identified by labels, to build the job spec.\nThis includes mounting required volumes and injecting built-in environment variables of the selected pod."
properties:
+ fallbackLabelSelector:
+ description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
items:
diff --git a/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1alpha1/instancesets.yaml b/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1alpha1/instancesets.yaml
index 35819ae57..68d9d43c4 100644
--- a/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1alpha1/instancesets.yaml
+++ b/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1alpha1/instancesets.yaml
@@ -549,7 +549,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -579,6 +579,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -636,7 +648,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -666,6 +678,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -722,7 +746,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -752,6 +776,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -809,7 +845,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -839,6 +875,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -1066,21 +1114,6 @@ spec:
resources:
description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -1134,6 +1167,9 @@ spec:
storageClassName:
description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
+ volumeAttributesClassName:
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ type: "string"
volumeMode:
description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
@@ -1203,6 +1239,21 @@ spec:
- "type"
type: "object"
type: "array"
+ currentVolumeAttributesClassName:
+ description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is an alpha field and requires enabling VolumeAttributesClass feature."
+ type: "string"
+ modifyVolumeStatus:
+ description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is an alpha field and requires enabling VolumeAttributesClass feature."
+ properties:
+ status:
+ description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately."
+ type: "string"
+ targetVolumeAttributesClassName:
+ description: "targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled"
+ type: "string"
+ required:
+ - "status"
+ type: "object"
phase:
description: "phase represents the current phase of PersistentVolumeClaim."
type: "string"
@@ -1563,21 +1614,6 @@ spec:
resources:
description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -1631,6 +1667,9 @@ spec:
storageClassName:
description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
+ volumeAttributesClassName:
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ type: "string"
volumeMode:
description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
@@ -1885,6 +1924,55 @@ spec:
items:
description: "Projection that may be projected along with other supported volume types"
properties:
+ clusterTrustBundle:
+ description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time."
+ properties:
+ labelSelector:
+ description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ name:
+ description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector."
+ type: "string"
+ optional:
+ description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles."
+ type: "boolean"
+ path:
+ description: "Relative path from the volume root to write the bundle."
+ type: "string"
+ signerName:
+ description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated."
+ type: "string"
+ required:
+ - "path"
+ type: "object"
configMap:
description: "configMap information about the configMap data to project"
properties:
@@ -2564,7 +2652,7 @@ spec:
description: "ServicePort contains information on service's port."
properties:
appProtocol:
- description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol."
+ description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol."
type: "string"
name:
description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort.\nOptional if only one ServicePort is defined on this service."
@@ -2687,6 +2775,9 @@ spec:
ip:
description: "IP is set for load-balancer ingress points that are IP based\n(typically GCE or OpenStack load-balancers)"
type: "string"
+ ipMode:
+ description: "IPMode specifies how the load-balancer IP behaves, and may only be specified when the ip field is specified.\nSetting this to \"VIP\" indicates that traffic is delivered to the node with\nthe destination set to the load-balancer's IP and port.\nSetting this to \"Proxy\" indicates that traffic is delivered to the node or pod with\nthe destination set to the node's IP and node port or the pod's IP and port.\nService implementations may use this information to adjust traffic routing."
+ type: "string"
ports:
description: "Ports is a list of records of service ports\nIf used, every port defined in the service should have an entry in it"
items:
@@ -2883,7 +2974,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -2913,6 +3004,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -2970,7 +3073,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -3000,6 +3103,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -3056,7 +3171,7 @@ spec:
description: "Required. A pod affinity term, associated with the corresponding weight."
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -3086,6 +3201,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -3143,7 +3270,7 @@ spec:
description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
properties:
labelSelector:
- description: "A label query over a set of resources, in this case pods."
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
properties:
matchExpressions:
description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
@@ -3173,6 +3300,18 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
namespaceSelector:
description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
properties:
@@ -3410,6 +3549,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -3475,6 +3624,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -4263,6 +4422,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -4328,6 +4497,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -5128,6 +5307,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -5193,6 +5382,16 @@ spec:
required:
- "port"
type: "object"
+ sleep:
+ description: "Sleep represents the duration that the container should sleep before being terminated."
+ properties:
+ seconds:
+ description: "Seconds is the number of seconds to sleep."
+ format: "int64"
+ type: "integer"
+ required:
+ - "seconds"
+ type: "object"
tcpSocket:
description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
properties:
@@ -6386,21 +6585,6 @@ spec:
resources:
description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -6454,6 +6638,9 @@ spec:
storageClassName:
description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
+ volumeAttributesClassName:
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ type: "string"
volumeMode:
description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
@@ -6708,6 +6895,55 @@ spec:
items:
description: "Projection that may be projected along with other supported volume types"
properties:
+ clusterTrustBundle:
+ description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time."
+ properties:
+ labelSelector:
+ description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ name:
+ description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector."
+ type: "string"
+ optional:
+ description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles."
+ type: "boolean"
+ path:
+ description: "Relative path from the volume root to write the bundle."
+ type: "string"
+ signerName:
+ description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated."
+ type: "string"
+ required:
+ - "path"
+ type: "object"
configMap:
description: "configMap information about the configMap data to project"
properties:
@@ -7131,21 +7367,6 @@ spec:
resources:
description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
properties:
- claims:
- description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers."
- items:
- description: "ResourceClaim references one entry in PodSpec.ResourceClaims."
- properties:
- name:
- description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
- type: "string"
- required:
- - "name"
- type: "object"
- type: "array"
- x-kubernetes-list-map-keys:
- - "name"
- x-kubernetes-list-type: "map"
limits:
additionalProperties:
anyOf:
@@ -7199,6 +7420,9 @@ spec:
storageClassName:
description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
+ volumeAttributesClassName:
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ type: "string"
volumeMode:
description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
type: "string"
@@ -7268,6 +7492,21 @@ spec:
- "type"
type: "object"
type: "array"
+ currentVolumeAttributesClassName:
+ description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is an alpha field and requires enabling VolumeAttributesClass feature."
+ type: "string"
+ modifyVolumeStatus:
+ description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is an alpha field and requires enabling VolumeAttributesClass feature."
+ properties:
+ status:
+ description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately."
+ type: "string"
+ targetVolumeAttributesClassName:
+ description: "targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled"
+ type: "string"
+ required:
+ - "status"
+ type: "object"
phase:
description: "phase represents the current phase of PersistentVolumeClaim."
type: "string"
diff --git a/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificateauthorityactivations.yaml b/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificateauthorityactivations.yaml
index db015970f..f82faa80c 100644
--- a/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificateauthorityactivations.yaml
+++ b/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificateauthorityactivations.yaml
@@ -56,6 +56,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
certificateChain:
diff --git a/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificates.yaml b/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificates.yaml
index 38ddcc23c..76bef6977 100644
--- a/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificates.yaml
+++ b/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificates.yaml
@@ -230,6 +230,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
certificateSigningRequest:
@@ -242,6 +244,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
signingAlgorithm:
diff --git a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/authorizers.yaml b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/authorizers.yaml
index 5f3d36b47..27e45829b 100644
--- a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/authorizers.yaml
+++ b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/authorizers.yaml
@@ -39,6 +39,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
authorizerCredentialsARN:
diff --git a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/deployments.yaml b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/deployments.yaml
index df615ead5..5556ff6f4 100644
--- a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/deployments.yaml
+++ b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/deployments.yaml
@@ -39,6 +39,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
description:
diff --git a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/integrations.yaml b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/integrations.yaml
index 9eb110419..01a64d338 100644
--- a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/integrations.yaml
+++ b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/integrations.yaml
@@ -39,6 +39,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
connectionID:
@@ -51,6 +53,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
connectionType:
diff --git a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/routes.yaml b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/routes.yaml
index 7aedc5090..d291ac468 100644
--- a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/routes.yaml
+++ b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/routes.yaml
@@ -41,6 +41,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
authorizationScopes:
@@ -59,6 +61,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
modelSelectionExpression:
@@ -91,6 +95,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
required:
diff --git a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/stages.yaml b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/stages.yaml
index 8df5c9f75..80241cf43 100644
--- a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/stages.yaml
+++ b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/stages.yaml
@@ -49,6 +49,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
autoDeploy:
@@ -81,6 +83,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
description:
diff --git a/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/distributions.yaml b/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/distributions.yaml
index 40058a76c..a06667c23 100644
--- a/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/distributions.yaml
+++ b/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/distributions.yaml
@@ -507,6 +507,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
certificate:
diff --git a/crd-catalog/aws-controllers-k8s/cloudwatchlogs-controller/cloudwatchlogs.services.k8s.aws/v1alpha1/loggroups.yaml b/crd-catalog/aws-controllers-k8s/cloudwatchlogs-controller/cloudwatchlogs.services.k8s.aws/v1alpha1/loggroups.yaml
index 366e0f740..68316479a 100644
--- a/crd-catalog/aws-controllers-k8s/cloudwatchlogs-controller/cloudwatchlogs.services.k8s.aws/v1alpha1/loggroups.yaml
+++ b/crd-catalog/aws-controllers-k8s/cloudwatchlogs-controller/cloudwatchlogs.services.k8s.aws/v1alpha1/loggroups.yaml
@@ -40,6 +40,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
name:
diff --git a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbclusters.yaml b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbclusters.yaml
index c70f5f340..2a1df3413 100644
--- a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbclusters.yaml
+++ b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbclusters.yaml
@@ -55,6 +55,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
deletionProtection:
@@ -88,6 +90,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
masterUserPassword:
@@ -159,6 +163,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
diff --git a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbinstances.yaml b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbinstances.yaml
index 396a6e66c..5a52bc6b9 100644
--- a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbinstances.yaml
+++ b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbinstances.yaml
@@ -71,6 +71,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
preferredMaintenanceWindow:
diff --git a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml
index ce1c32572..b2fd3e2d4 100644
--- a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml
+++ b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml
@@ -49,6 +49,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/dhcpoptions.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/dhcpoptions.yaml
index 1fa98abe9..2c9624231 100644
--- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/dhcpoptions.yaml
+++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/dhcpoptions.yaml
@@ -69,6 +69,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/internetgateways.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/internetgateways.yaml
index 75c97de95..64be189af 100644
--- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/internetgateways.yaml
+++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/internetgateways.yaml
@@ -42,6 +42,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
@@ -71,6 +73,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "object"
diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/natgateways.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/natgateways.yaml
index 2da2b395e..8f8b7b1b3 100644
--- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/natgateways.yaml
+++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/natgateways.yaml
@@ -47,6 +47,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
connectivityType:
@@ -63,6 +65,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
tags:
diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/routetables.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/routetables.yaml
index 9e5094047..4e6522d2b 100644
--- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/routetables.yaml
+++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/routetables.yaml
@@ -58,6 +58,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
instanceID:
@@ -74,6 +76,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
networkInterfaceID:
@@ -88,6 +92,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
vpcEndpointID:
@@ -100,6 +106,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
vpcPeeringConnectionID:
@@ -112,6 +120,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "object"
@@ -138,6 +148,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "object"
diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/securitygroups.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/securitygroups.yaml
index 89cc35a8d..eeb60f8cd 100644
--- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/securitygroups.yaml
+++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/securitygroups.yaml
@@ -96,6 +96,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
peeringStatus:
@@ -114,6 +116,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "object"
@@ -180,6 +184,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
peeringStatus:
@@ -198,6 +204,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "object"
@@ -229,6 +237,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
required:
diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/subnets.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/subnets.yaml
index 66af95b14..851ecfcf3 100644
--- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/subnets.yaml
+++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/subnets.yaml
@@ -77,6 +77,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
@@ -106,6 +108,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "object"
diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/vpcendpoints.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/vpcendpoints.yaml
index e690735ea..47b3a7f5f 100644
--- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/vpcendpoints.yaml
+++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/vpcendpoints.yaml
@@ -65,6 +65,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
@@ -82,6 +84,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
@@ -102,6 +106,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
@@ -130,6 +136,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
required:
diff --git a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/accesspoints.yaml b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/accesspoints.yaml
index 845d24518..476846c88 100644
--- a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/accesspoints.yaml
+++ b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/accesspoints.yaml
@@ -65,6 +65,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
posixUser:
diff --git a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/filesystems.yaml b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/filesystems.yaml
index 64686145b..8843c5733 100644
--- a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/filesystems.yaml
+++ b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/filesystems.yaml
@@ -94,6 +94,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
lifecyclePolicies:
diff --git a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/mounttargets.yaml b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/mounttargets.yaml
index 28b010bdf..2947a032b 100644
--- a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/mounttargets.yaml
+++ b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/mounttargets.yaml
@@ -74,6 +74,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
ipAddress:
@@ -88,6 +90,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
@@ -107,6 +111,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "object"
diff --git a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/addons.yaml b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/addons.yaml
index 6c4e3de57..6defd1b5e 100644
--- a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/addons.yaml
+++ b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/addons.yaml
@@ -70,6 +70,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
configurationValues:
@@ -92,6 +94,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
tags:
diff --git a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/clusters.yaml b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/clusters.yaml
index 7b39cf9a1..43b0adc31 100644
--- a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/clusters.yaml
+++ b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/clusters.yaml
@@ -79,6 +79,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "object"
@@ -156,6 +158,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
@@ -173,6 +177,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
@@ -188,6 +194,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
tags:
diff --git a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/fargateprofiles.yaml b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/fargateprofiles.yaml
index 871f0c80c..7f42d17f5 100644
--- a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/fargateprofiles.yaml
+++ b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/fargateprofiles.yaml
@@ -60,6 +60,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
name:
@@ -76,6 +78,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
selectors:
@@ -100,6 +104,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
diff --git a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/nodegroups.yaml b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/nodegroups.yaml
index 5e0284cfc..d49477c8a 100644
--- a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/nodegroups.yaml
+++ b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/nodegroups.yaml
@@ -82,6 +82,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
diskSize:
@@ -122,6 +124,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
releaseVersion:
@@ -142,6 +146,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
@@ -172,6 +178,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
diff --git a/crd-catalog/aws-controllers-k8s/emrcontainers-controller/emrcontainers.services.k8s.aws/v1alpha1/jobruns.yaml b/crd-catalog/aws-controllers-k8s/emrcontainers-controller/emrcontainers.services.k8s.aws/v1alpha1/jobruns.yaml
index 9d82bbccc..3663bb6b8 100644
--- a/crd-catalog/aws-controllers-k8s/emrcontainers-controller/emrcontainers.services.k8s.aws/v1alpha1/jobruns.yaml
+++ b/crd-catalog/aws-controllers-k8s/emrcontainers-controller/emrcontainers.services.k8s.aws/v1alpha1/jobruns.yaml
@@ -79,6 +79,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
required:
diff --git a/crd-catalog/aws-controllers-k8s/kafka-controller/kafka.services.k8s.aws/v1alpha1/clusters.yaml b/crd-catalog/aws-controllers-k8s/kafka-controller/kafka.services.k8s.aws/v1alpha1/clusters.yaml
index 46e005cea..e042c7a73 100644
--- a/crd-catalog/aws-controllers-k8s/kafka-controller/kafka.services.k8s.aws/v1alpha1/clusters.yaml
+++ b/crd-catalog/aws-controllers-k8s/kafka-controller/kafka.services.k8s.aws/v1alpha1/clusters.yaml
@@ -38,6 +38,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
diff --git a/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/aliases.yaml b/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/aliases.yaml
index 98f05a023..095f0e3c5 100644
--- a/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/aliases.yaml
+++ b/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/aliases.yaml
@@ -43,6 +43,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
required:
diff --git a/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/grants.yaml b/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/grants.yaml
index d5368378b..b7fad03ae 100644
--- a/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/grants.yaml
+++ b/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/grants.yaml
@@ -60,6 +60,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
name:
diff --git a/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/acls.yaml b/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/acls.yaml
index 22440216f..bd9ca06df 100644
--- a/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/acls.yaml
+++ b/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/acls.yaml
@@ -57,6 +57,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
diff --git a/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/clusters.yaml b/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/clusters.yaml
index 1ffcd057d..de1f61c1f 100644
--- a/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/clusters.yaml
+++ b/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/clusters.yaml
@@ -40,6 +40,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
autoMinorVersionUpgrade:
@@ -82,6 +84,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
port:
@@ -102,6 +106,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
@@ -121,6 +127,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
snapshotRetentionLimit:
@@ -141,6 +149,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
subnetGroupName:
@@ -154,6 +164,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
tags:
diff --git a/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/snapshots.yaml b/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/snapshots.yaml
index 944fe01ad..71c5c51b4 100644
--- a/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/snapshots.yaml
+++ b/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/snapshots.yaml
@@ -40,6 +40,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
kmsKeyID:
@@ -53,6 +55,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
name:
diff --git a/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/subnetgroups.yaml b/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/subnetgroups.yaml
index 2cc31d90d..2ea1643a7 100644
--- a/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/subnetgroups.yaml
+++ b/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/subnetgroups.yaml
@@ -49,6 +49,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
diff --git a/crd-catalog/aws-controllers-k8s/mq-controller/mq.services.k8s.aws/v1alpha1/brokers.yaml b/crd-catalog/aws-controllers-k8s/mq-controller/mq.services.k8s.aws/v1alpha1/brokers.yaml
index 9841b55b1..0c55f069f 100644
--- a/crd-catalog/aws-controllers-k8s/mq-controller/mq.services.k8s.aws/v1alpha1/brokers.yaml
+++ b/crd-catalog/aws-controllers-k8s/mq-controller/mq.services.k8s.aws/v1alpha1/brokers.yaml
@@ -119,6 +119,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
@@ -141,6 +143,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
diff --git a/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/firewalls.yaml b/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/firewalls.yaml
index ab0da80f0..1f47667e1 100644
--- a/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/firewalls.yaml
+++ b/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/firewalls.yaml
@@ -60,7 +60,7 @@ spec:
items:
description: "The ID for a subnet that you want to associate with the firewall. This is\nused with CreateFirewall and AssociateSubnets. Network Firewall creates an\ninstance of the associated firewall in each subnet that you specify, to filter\ntraffic in the subnet's Availability Zone."
properties:
- iPAddressType:
+ ipAddressType:
type: "string"
subnetID:
type: "string"
@@ -162,7 +162,7 @@ spec:
items:
description: "The ID for a subnet that you want to associate with the firewall. This is\nused with CreateFirewall and AssociateSubnets. Network Firewall creates an\ninstance of the associated firewall in each subnet that you specify, to filter\ntraffic in the subnet's Availability Zone."
properties:
- iPAddressType:
+ ipAddressType:
type: "string"
subnetID:
type: "string"
diff --git a/crd-catalog/aws-controllers-k8s/opensearchservice-controller/opensearchservice.services.k8s.aws/v1alpha1/domains.yaml b/crd-catalog/aws-controllers-k8s/opensearchservice-controller/opensearchservice.services.k8s.aws/v1alpha1/domains.yaml
index 1102be3a3..d3f0fdd54 100644
--- a/crd-catalog/aws-controllers-k8s/opensearchservice-controller/opensearchservice.services.k8s.aws/v1alpha1/domains.yaml
+++ b/crd-catalog/aws-controllers-k8s/opensearchservice-controller/opensearchservice.services.k8s.aws/v1alpha1/domains.yaml
@@ -30,15 +30,15 @@ spec:
description: "DomainSpec defines the desired state of Domain."
properties:
accessPolicies:
- description: "IAM access policy as a JSON-formatted string."
+ description: "Identity and Access Management (IAM) policy document specifying the access\npolicies for the new domain."
type: "string"
advancedOptions:
additionalProperties:
type: "string"
- description: "Option to allow references to indices in an HTTP request body. Must be false\nwhen configuring access to individual sub-resources. By default, the value\nis true. See Advanced cluster parameters (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options)\nfor more information."
+ description: "Key-value pairs to specify advanced configuration options. The following\nkey-value pairs are supported:\n\n\n * \"rest.action.multi.allow_explicit_index\": \"true\" | \"false\" - Note the\n use of a string rather than a boolean. Specifies whether explicit references\n to indexes are allowed inside the body of HTTP requests. If you want to\n configure access policies for domain sub-resources, such as specific indexes\n and domain APIs, you must disable this property. Default is true.\n\n\n * \"indices.fielddata.cache.size\": \"80\" - Note the use of a string rather\n than a boolean. Specifies the percentage of heap space allocated to field\n data. Default is unbounded.\n\n\n * \"indices.query.bool.max_clause_count\": \"1024\" - Note the use of a string\n rather than a boolean. Specifies the maximum number of clauses allowed\n in a Lucene boolean query. Default is 1,024. Queries with more than the\n permitted number of clauses result in a TooManyClauses error.\n\n\n * \"override_main_response_version\": \"true\" | \"false\" - Note the use of\n a string rather than a boolean. Specifies whether the domain reports its\n version as 7.10 to allow Elasticsearch OSS clients and plugins to continue\n working with it. Default is false when creating a domain and true when\n upgrading a domain.\n\n\nFor more information, see Advanced cluster parameters (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options)."
type: "object"
advancedSecurityOptions:
- description: "Specifies advanced security options."
+ description: "Options for fine-grained access control."
properties:
anonymousAuthEnabled:
type: "boolean"
@@ -46,11 +46,23 @@ spec:
type: "boolean"
internalUserDatabaseEnabled:
type: "boolean"
+ jwtOptions:
+ description: "The JWT authentication and authorization configuration for an Amazon OpenSearch\nService domain."
+ properties:
+ enabled:
+ type: "boolean"
+ publicKey:
+ type: "string"
+ rolesKey:
+ type: "string"
+ subjectKey:
+ type: "string"
+ type: "object"
masterUserOptions:
- description: "Credentials for the master user: username and password, ARN, or both."
+ description: "Credentials for the master user for a domain."
properties:
masterUserARN:
- description: "The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities\n(http://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) in Using AWS\nIdentity and Access Management for more information."
+ description: "The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities\n(https://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) in Using Amazon\nWeb Services Identity and Access Management for more information."
type: "string"
masterUserName:
type: "string"
@@ -72,12 +84,12 @@ spec:
x-kubernetes-map-type: "atomic"
type: "object"
sAMLOptions:
- description: "The SAML application configuration for the domain."
+ description: "The SAML authentication configuration for an Amazon OpenSearch Service domain."
properties:
enabled:
type: "boolean"
idp:
- description: "The SAML identity povider's information."
+ description: "The SAML identity povider information."
properties:
entityID:
type: "string"
@@ -97,26 +109,36 @@ spec:
type: "string"
type: "object"
type: "object"
+ aimlOptions:
+ description: "Options for all machine learning features for the specified domain."
+ properties:
+ naturalLanguageQueryGenerationOptions:
+ description: "Container for parameters required to enable the natural language query generation\nfeature."
+ properties:
+ desiredState:
+ type: "string"
+ type: "object"
+ type: "object"
autoTuneOptions:
- description: "Specifies Auto-Tune options."
+ description: "Options for Auto-Tune."
properties:
desiredState:
description: "The Auto-Tune desired state. Valid values are ENABLED and DISABLED."
type: "string"
maintenanceSchedules:
items:
- description: "Specifies the Auto-Tune maintenance schedule. See Auto-Tune for Amazon OpenSearch\nService (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html)\nfor more information."
+ description: "This object is deprecated. Use the domain's off-peak window (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/off-peak.html)\nto schedule Auto-Tune optimizations. For migration instructions, see Migrating\nfrom Auto-Tune maintenance windows (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/off-peak.html#off-peak-migrate).\n\n\nThe Auto-Tune maintenance schedule. For more information, see Auto-Tune for\nAmazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html)."
properties:
cronExpressionForRecurrence:
type: "string"
duration:
- description: "The maintenance schedule duration: duration value and duration unit. See\nAuto-Tune for Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html)\nfor more information."
+ description: "The duration of a maintenance schedule. For more information, see Auto-Tune\nfor Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html)."
properties:
unit:
- description: "The unit of a maintenance schedule duration. Valid value is HOUR. See Auto-Tune\nfor Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html)\nfor more information."
+ description: "The unit of a maintenance schedule duration. Valid value is HOUR."
type: "string"
value:
- description: "Integer to specify the value of a maintenance schedule duration. See Auto-Tune\nfor Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html)\nfor more information."
+ description: "Integer that specifies the value of a maintenance schedule duration."
format: "int64"
type: "integer"
type: "object"
@@ -125,12 +147,14 @@ spec:
type: "string"
type: "object"
type: "array"
+ useOffPeakWindow:
+ type: "boolean"
type: "object"
clusterConfig:
- description: "Configuration options for a domain. Specifies the instance type and number\nof instances in the domain."
+ description: "Container for the cluster configuration of a domain."
properties:
coldStorageOptions:
- description: "Specifies the configuration for cold storage options such as enabled"
+ description: "Container for the parameters required to enable cold storage for an OpenSearch\nService domain. For more information, see Cold storage for Amazon OpenSearch\nService (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cold-storage.html)."
properties:
enabled:
type: "boolean"
@@ -147,6 +171,8 @@ spec:
type: "integer"
instanceType:
type: "string"
+ multiAZWithStandbyEnabled:
+ type: "boolean"
warmCount:
format: "int64"
type: "integer"
@@ -155,7 +181,7 @@ spec:
warmType:
type: "string"
zoneAwarenessConfig:
- description: "The zone awareness configuration for the domain cluster, such as the number\nof availability zones."
+ description: "The zone awareness configuration for an Amazon OpenSearch Service domain."
properties:
availabilityZoneCount:
format: "int64"
@@ -165,7 +191,7 @@ spec:
type: "boolean"
type: "object"
cognitoOptions:
- description: "Options to specify the Cognito user and identity pools for OpenSearch Dashboards\nauthentication. For more information, see Configuring Amazon Cognito authentication\nfor OpenSearch Dashboards (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html)."
+ description: "Key-value pairs to configure Amazon Cognito authentication. For more information,\nsee Configuring Amazon Cognito authentication for OpenSearch Dashboards (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html)."
properties:
enabled:
type: "boolean"
@@ -177,12 +203,12 @@ spec:
type: "string"
type: "object"
domainEndpointOptions:
- description: "Options to specify configurations that will be applied to the domain endpoint."
+ description: "Additional options for the domain endpoint, such as whether to require HTTPS\nfor all traffic."
properties:
customEndpoint:
type: "string"
customEndpointCertificateARN:
- description: "The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities\n(http://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) in Using AWS\nIdentity and Access Management for more information."
+ description: "The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities\n(https://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) in Using Amazon\nWeb Services Identity and Access Management for more information."
type: "string"
customEndpointEnabled:
type: "boolean"
@@ -192,7 +218,7 @@ spec:
type: "string"
type: "object"
ebsOptions:
- description: "Options to enable, disable, and specify the type and size of EBS storage\nvolumes."
+ description: "Container for the parameters required to enable EBS-based storage for an\nOpenSearch Service domain."
properties:
ebsEnabled:
type: "boolean"
@@ -206,11 +232,11 @@ spec:
format: "int64"
type: "integer"
volumeType:
- description: "The type of EBS volume, standard, gp2, gp3 or io1. See Configuring EBS-based\nStorage (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/opensearch-createupdatedomains.html#opensearch-createdomain-configure-ebs)\nfor more information."
+ description: "The type of EBS volume that a domain uses. For more information, see Configuring\nEBS-based storage (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/opensearch-createupdatedomains.html#opensearch-createdomain-configure-ebs)."
type: "string"
type: "object"
encryptionAtRestOptions:
- description: "Options for encryption of data at rest."
+ description: "Key-value pairs to enable encryption at rest."
properties:
enabled:
type: "boolean"
@@ -218,11 +244,14 @@ spec:
type: "string"
type: "object"
engineVersion:
- description: "String of format Elasticsearch_X.Y or OpenSearch_X.Y to specify the engine\nversion for the Amazon OpenSearch Service domain. For example, \"OpenSearch_1.0\"\nor \"Elasticsearch_7.9\". For more information, see Creating and managing Amazon\nOpenSearch Service domains (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomains)."
+ description: "String of format Elasticsearch_X.Y or OpenSearch_X.Y to specify the engine\nversion for the OpenSearch Service domain. For example, OpenSearch_1.0 or\nElasticsearch_7.9. For more information, see Creating and managing Amazon\nOpenSearch Service domains (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomains)."
+ type: "string"
+ ipAddressType:
+ description: "Specify either dual stack or IPv4 as your IP address type. Dual stack allows\nyou to share domain resources across IPv4 and IPv6 address types, and is\nthe recommended option. If you set your IP address type to dual stack, you\ncan't change your address type later."
type: "string"
logPublishingOptions:
additionalProperties:
- description: "Log Publishing option that is set for a given domain. Attributes and their\ndetails:\n * CloudWatchLogsLogGroupArn: ARN of the Cloudwatch log group to publish\n logs to.\n\n\n * Enabled: Whether the log publishing for a given log type is enabled\n or not."
+ description: "Specifies whether the Amazon OpenSearch Service domain publishes the OpenSearch\napplication and slow logs to Amazon CloudWatch. For more information, see\nMonitoring OpenSearch logs with Amazon CloudWatch Logs (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createdomain-configure-slow-logs.html).\n\n\nAfter you enable log publishing, you still have to enable the collection\nof slow logs using the OpenSearch REST API."
properties:
cloudWatchLogsLogGroupARN:
description: "ARN of the Cloudwatch log group to publish logs to."
@@ -230,32 +259,58 @@ spec:
enabled:
type: "boolean"
type: "object"
- description: "Map of LogType and LogPublishingOption, each containing options to publish\na given type of OpenSearch log."
+ description: "Key-value pairs to configure log publishing."
type: "object"
name:
- description: "The name of the Amazon OpenSearch Service domain you're creating. Domain\nnames are unique across the domains owned by an account within an AWS region.\nDomain names must start with a lowercase letter and can contain the following\ncharacters: a-z (lowercase), 0-9, and - (hyphen)."
+ description: "Name of the OpenSearch Service domain to create. Domain names are unique\nacross the domains owned by an account within an Amazon Web Services Region."
type: "string"
nodeToNodeEncryptionOptions:
- description: "Node-to-node encryption options."
+ description: "Enables node-to-node encryption."
properties:
enabled:
type: "boolean"
type: "object"
+ offPeakWindowOptions:
+ description: "Specifies a daily 10-hour time block during which OpenSearch Service can\nperform configuration changes on the domain, including service software updates\nand Auto-Tune enhancements that require a blue/green deployment. If no options\nare specified, the default start time of 10:00 P.M. local time (for the Region\nthat the domain is created in) is used."
+ properties:
+ enabled:
+ type: "boolean"
+ offPeakWindow:
+ description: "A custom 10-hour, low-traffic window during which OpenSearch Service can\nperform mandatory configuration changes on the domain. These actions can\ninclude scheduled service software updates and blue/green Auto-Tune enhancements.\nOpenSearch Service will schedule these actions during the window that you\nspecify.\n\n\nIf you don't specify a window start time, it defaults to 10:00 P.M. local\ntime.\n\n\nFor more information, see Defining off-peak maintenance windows for Amazon\nOpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/off-peak.html)."
+ properties:
+ windowStartTime:
+ description: "The desired start time for an off-peak maintenance window (https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_OffPeakWindow.html)."
+ properties:
+ hours:
+ format: "int64"
+ type: "integer"
+ minutes:
+ format: "int64"
+ type: "integer"
+ type: "object"
+ type: "object"
+ type: "object"
+ softwareUpdateOptions:
+ description: "Software update options for the domain."
+ properties:
+ autoSoftwareUpdateEnabled:
+ type: "boolean"
+ type: "object"
tags:
- description: "A list of Tag added during domain creation."
+ description: "List of tags to add to the domain upon creation."
items:
- description: "A key value pair for a resource tag."
+ description: "A tag (key-value pair) for an Amazon OpenSearch Service resource."
properties:
key:
- description: "A string of length from 1 to 128 characters that specifies the key for a\ntag. Tag keys must be unique for the domain to which they're attached."
+ description: "A string between 1 to 128 characters that specifies the key for a tag. Tag\nkeys must be unique for the domain to which they're attached."
type: "string"
value:
- description: "A string of length from 0 to 256 characters that specifies the value for\na tag. Tag values can be null and don't have to be unique in a tag set."
+ description: "A string between 0 to 256 characters that specifies the value for a tag.\nTag values can be null and don't have to be unique in a tag set."
type: "string"
type: "object"
type: "array"
vpcOptions:
- description: "Options to specify the subnets and security groups for a VPC endpoint. For\nmore information, see Launching your Amazon OpenSearch Service domains using\na VPC (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html)."
+ description: "Container for the values required to configure VPC access domains. If you\ndon't specify these values, OpenSearch Service creates the domain with a\npublic endpoint. For more information, see Launching your Amazon OpenSearch\nService domains using a VPC (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html)."
properties:
securityGroupIDs:
items:
@@ -289,12 +344,22 @@ spec:
- "region"
type: "object"
changeProgressDetails:
- description: "Specifies change details of the domain configuration change."
+ description: "Information about a configuration change happening on the domain."
properties:
changeID:
type: "string"
+ configChangeStatus:
+ type: "string"
+ initiatedBy:
+ type: "string"
+ lastUpdatedTime:
+ format: "date-time"
+ type: "string"
message:
type: "string"
+ startTime:
+ format: "date-time"
+ type: "string"
type: "object"
conditions:
description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource"
@@ -323,24 +388,48 @@ spec:
type: "object"
type: "array"
created:
- description: "The domain creation status. True if the creation of a domain is complete.\nFalse if domain creation is still in progress."
+ description: "Creation status of an OpenSearch Service domain. True if domain creation\nis complete. False if domain creation is still in progress."
type: "boolean"
deleted:
- description: "The domain deletion status. True if a delete request has been received for\nthe domain but resource cleanup is still in progress. False if the domain\nhas not been deleted. Once domain deletion is complete, the status of the\ndomain is no longer returned."
+ description: "Deletion status of an OpenSearch Service domain. True if domain deletion\nis complete. False if domain deletion is still in progress. Once deletion\nis complete, the status of the domain is no longer returned."
type: "boolean"
+ domainEndpointV2HostedZoneID:
+ description: "The dual stack hosted zone ID for the domain."
+ type: "string"
domainID:
- description: "The unique identifier for the specified domain."
+ description: "Unique identifier for the domain."
+ type: "string"
+ domainProcessingStatus:
+ description: "The status of any changes that are currently in progress for the domain."
type: "string"
endpoint:
- description: "The domain endpoint that you use to submit index and search requests."
+ description: "Domain-specific endpoint used to submit index, search, and data upload requests\nto the domain."
+ type: "string"
+ endpointV2:
+ description: "If IPAddressType to set to dualstack, a version 2 domain endpoint is provisioned.\nThis endpoint functions like a normal endpoint, except that it works with\nboth IPv4 and IPv6 IP addresses. Normal endpoints work only with IPv4 IP\naddresses."
type: "string"
endpoints:
additionalProperties:
type: "string"
- description: "Map containing the domain endpoints used to submit index and search requests.\nExample key, value: 'vpc','vpc-endpoint-h2dsd34efgyghrtguk5gt6j2foh4.us-east-1.es.amazonaws.com'."
+ description: "The key-value pair that exists if the OpenSearch Service domain uses VPC\nendpoints. For example:\n\n\n * IPv4 IP addresses - 'vpc','vpc-endpoint-h2dsd34efgyghrtguk5gt6j2foh4.us-east-1.es.amazonaws.com'\n\n\n * Dual stack IP addresses - 'vpcv2':'vpc-endpoint-h2dsd34efgyghrtguk5gt6j2foh4.aos.us-east-1.on.aws'"
type: "object"
+ modifyingProperties:
+ description: "Information about the domain properties that are currently being modified."
+ items:
+ description: "Information about the domain properties that are currently being modified."
+ properties:
+ activeValue:
+ type: "string"
+ name:
+ type: "string"
+ pendingValue:
+ type: "string"
+ valueType:
+ type: "string"
+ type: "object"
+ type: "array"
processing:
- description: "The status of the domain configuration. True if Amazon OpenSearch Service\nis processing configuration changes. False if the configuration is active."
+ description: "The status of the domain configuration. True if OpenSearch Service is processing\nconfiguration changes. False if the configuration is active."
type: "boolean"
serviceSoftwareOptions:
description: "The current status of the domain's service software."
@@ -364,14 +453,14 @@ spec:
type: "string"
type: "object"
snapshotOptions:
- description: "The status of the SnapshotOptions."
+ description: "DEPRECATED. Container for parameters required to configure automated snapshots\nof domain indexes."
properties:
automatedSnapshotStartHour:
format: "int64"
type: "integer"
type: "object"
upgradeProcessing:
- description: "The status of a domain version upgrade. True if Amazon OpenSearch Service\nis undergoing a version upgrade. False if the configuration is active."
+ description: "The status of a domain version upgrade to a new version of OpenSearch or\nElasticsearch. True if OpenSearch Service is in the process of a version\nupgrade. False if the configuration is active."
type: "boolean"
type: "object"
type: "object"
diff --git a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/alertmanagerdefinitions.yaml b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/alertmanagerdefinitions.yaml
index f0c550f5f..b90e0562a 100644
--- a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/alertmanagerdefinitions.yaml
+++ b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/alertmanagerdefinitions.yaml
@@ -46,6 +46,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
required:
diff --git a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/loggingconfigurations.yaml b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/loggingconfigurations.yaml
index 31d4054c7..0a798cedf 100644
--- a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/loggingconfigurations.yaml
+++ b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/loggingconfigurations.yaml
@@ -50,6 +50,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
required:
diff --git a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/rulegroupsnamespaces.yaml b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/rulegroupsnamespaces.yaml
index 426107e70..1aacf4e67 100644
--- a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/rulegroupsnamespaces.yaml
+++ b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/rulegroupsnamespaces.yaml
@@ -56,6 +56,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
required:
diff --git a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbclusters.yaml b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbclusters.yaml
index 571956038..35b54de69 100644
--- a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbclusters.yaml
+++ b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbclusters.yaml
@@ -75,6 +75,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
dbSubnetGroupName:
@@ -88,6 +90,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
dbSystemID:
@@ -149,6 +153,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
manageMasterUserPassword:
@@ -181,6 +187,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
masterUsername:
@@ -290,6 +298,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
diff --git a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbinstances.yaml b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbinstances.yaml
index 2e17e0534..fe84d6e1e 100644
--- a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbinstances.yaml
+++ b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbinstances.yaml
@@ -88,6 +88,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
dbSnapshotIdentifier:
@@ -104,6 +106,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
deletionProtection:
@@ -150,6 +154,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
licenseModel:
@@ -185,6 +191,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
masterUsername:
@@ -310,6 +318,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
diff --git a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml
index 1939bbddd..e5c1d687a 100644
--- a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml
+++ b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml
@@ -49,6 +49,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
diff --git a/crd-catalog/aws-controllers-k8s/route53-controller/route53.services.k8s.aws/v1alpha1/recordsets.yaml b/crd-catalog/aws-controllers-k8s/route53-controller/route53.services.k8s.aws/v1alpha1/recordsets.yaml
index a1982905c..678b49ab1 100644
--- a/crd-catalog/aws-controllers-k8s/route53-controller/route53.services.k8s.aws/v1alpha1/recordsets.yaml
+++ b/crd-catalog/aws-controllers-k8s/route53-controller/route53.services.k8s.aws/v1alpha1/recordsets.yaml
@@ -154,6 +154,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
multiValueAnswer:
diff --git a/crd-catalog/aws-controllers-k8s/route53resolver-controller/route53resolver.services.k8s.aws/v1alpha1/resolverendpoints.yaml b/crd-catalog/aws-controllers-k8s/route53resolver-controller/route53resolver.services.k8s.aws/v1alpha1/resolverendpoints.yaml
index a7b3c340a..faf5eed8d 100644
--- a/crd-catalog/aws-controllers-k8s/route53resolver-controller/route53resolver.services.k8s.aws/v1alpha1/resolverendpoints.yaml
+++ b/crd-catalog/aws-controllers-k8s/route53resolver-controller/route53resolver.services.k8s.aws/v1alpha1/resolverendpoints.yaml
@@ -55,6 +55,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "object"
@@ -79,6 +81,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
type: "array"
diff --git a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformapplications.yaml b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformapplications.yaml
index b1ca97581..fa8d6bbc4 100644
--- a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformapplications.yaml
+++ b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformapplications.yaml
@@ -41,6 +41,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
eventEndpointDeleted:
@@ -53,6 +55,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
eventEndpointUpdated:
@@ -65,6 +69,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
failureFeedbackRoleARN:
@@ -77,6 +83,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
name:
@@ -99,6 +107,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
successFeedbackSampleRate:
diff --git a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformendpoints.yaml b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformendpoints.yaml
index 228354c65..725f1de58 100644
--- a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformendpoints.yaml
+++ b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformendpoints.yaml
@@ -30,7 +30,6 @@ spec:
description: "PlatformEndpointSpec defines the desired state of PlatformEndpoint."
properties:
customUserData:
- description: "Arbitrary user data to associate with the endpoint. Amazon SNS does not use\nthis data. The data must be in UTF-8 format and less than 2KB."
type: "string"
enabled:
type: "string"
@@ -38,7 +37,6 @@ spec:
description: "PlatformApplicationArn returned from CreatePlatformApplication is used to\ncreate a an endpoint."
type: "string"
token:
- description: "Unique identifier created by the notification service for an app on a device.\nThe specific name for Token will vary, depending on which notification service\nis being used. For example, when using APNS as the notification service,\nyou need the device token. Alternatively, when using GCM (Firebase Cloud\nMessaging) or ADM, the device token equivalent is called the registration\nID."
type: "string"
required:
- "platformApplicationARN"
diff --git a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/subscriptions.yaml b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/subscriptions.yaml
index a354b8af2..72e006d6a 100644
--- a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/subscriptions.yaml
+++ b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/subscriptions.yaml
@@ -58,6 +58,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
required:
diff --git a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/topics.yaml b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/topics.yaml
index 03c0d4901..6d17a1bef 100644
--- a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/topics.yaml
+++ b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/topics.yaml
@@ -50,6 +50,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
name:
@@ -65,6 +67,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
signatureVersion:
diff --git a/crd-catalog/aws-controllers-k8s/sqs-controller/sqs.services.k8s.aws/v1alpha1/queues.yaml b/crd-catalog/aws-controllers-k8s/sqs-controller/sqs.services.k8s.aws/v1alpha1/queues.yaml
index dc04fc464..43f4c1d22 100644
--- a/crd-catalog/aws-controllers-k8s/sqs-controller/sqs.services.k8s.aws/v1alpha1/queues.yaml
+++ b/crd-catalog/aws-controllers-k8s/sqs-controller/sqs.services.k8s.aws/v1alpha1/queues.yaml
@@ -47,6 +47,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
maximumMessageSize:
@@ -63,6 +65,8 @@ spec:
properties:
name:
type: "string"
+ namespace:
+ type: "string"
type: "object"
type: "object"
queueName:
diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/bundles.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/bundles.yaml
index ecc1a109a..48e6130a3 100644
--- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/bundles.yaml
+++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/bundles.yaml
@@ -2718,6 +2718,64 @@ spec:
description: "The image repository, name, and tag"
type: "string"
type: "object"
+ tinkRelay:
+ properties:
+ arch:
+ description: "Architectures of the asset"
+ items:
+ type: "string"
+ type: "array"
+ description:
+ type: "string"
+ imageDigest:
+ description: "The SHA256 digest of the image manifest"
+ type: "string"
+ name:
+ description: "The asset name"
+ type: "string"
+ os:
+ description: "Operating system of the asset"
+ enum:
+ - "linux"
+ - "darwin"
+ - "windows"
+ type: "string"
+ osName:
+ description: "Name of the OS like ubuntu, bottlerocket"
+ type: "string"
+ uri:
+ description: "The image repository, name, and tag"
+ type: "string"
+ type: "object"
+ tinkRelayInit:
+ properties:
+ arch:
+ description: "Architectures of the asset"
+ items:
+ type: "string"
+ type: "array"
+ description:
+ type: "string"
+ imageDigest:
+ description: "The SHA256 digest of the image manifest"
+ type: "string"
+ name:
+ description: "The asset name"
+ type: "string"
+ os:
+ description: "Operating system of the asset"
+ enum:
+ - "linux"
+ - "darwin"
+ - "windows"
+ type: "string"
+ osName:
+ description: "Name of the OS like ubuntu, bottlerocket"
+ type: "string"
+ uri:
+ description: "The image repository, name, and tag"
+ type: "string"
+ type: "object"
tinkServer:
properties:
arch:
@@ -2779,6 +2837,8 @@ spec:
required:
- "nginx"
- "tinkController"
+ - "tinkRelay"
+ - "tinkRelayInit"
- "tinkServer"
- "tinkWorker"
type: "object"
diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1/ec2nodeclasses.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1/ec2nodeclasses.yaml
index 50e81dab9..6607a1b4d 100644
--- a/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1/ec2nodeclasses.yaml
+++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1/ec2nodeclasses.yaml
@@ -77,9 +77,11 @@ spec:
type: "string"
x-kubernetes-validations:
- message: "'alias' is improperly formatted, must match the format 'family@version'"
- rule: "self.matches('^[a-zA-Z0-9]*@.*$')"
+ rule: "self.matches('^[a-zA-Z0-9]+@.+$')"
- message: "family is not supported, must be one of the following: 'al2', 'al2023', 'bottlerocket', 'windows2019', 'windows2022'"
- rule: "self.find('^[^@]+') in ['al2','al2023','bottlerocket','windows2019','windows2022']"
+ rule: "self.split('@')[0] in ['al2','al2023','bottlerocket','windows2019','windows2022']"
+ - message: "windows families may only specify version 'latest'"
+ rule: "self.split('@')[0] in ['windows2019','windows2022'] ? self.split('@')[1] == 'latest' : true"
id:
description: "ID is the ami id in EC2"
pattern: "ami-[0-9a-z]+"
diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodeclaims.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodeclaims.yaml
index 8d971f961..56940b598 100644
--- a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodeclaims.yaml
+++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodeclaims.yaml
@@ -83,6 +83,7 @@ spec:
properties:
group:
description: "API version of the referent"
+ pattern: "^[^/]*$"
type: "string"
kind:
description: "Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\""
diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodepools.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodepools.yaml
index 5f0bf70ad..b57ecb7c0 100644
--- a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodepools.yaml
+++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodepools.yaml
@@ -164,7 +164,7 @@ spec:
rule: "self.all(x, x in [\"karpenter.k8s.aws/instance-encryption-in-transit-supported\", \"karpenter.k8s.aws/instance-category\", \"karpenter.k8s.aws/instance-hypervisor\", \"karpenter.k8s.aws/instance-family\", \"karpenter.k8s.aws/instance-generation\", \"karpenter.k8s.aws/instance-local-nvme\", \"karpenter.k8s.aws/instance-size\", \"karpenter.k8s.aws/instance-cpu\",\"karpenter.k8s.aws/instance-cpu-manufacturer\",\"karpenter.k8s.aws/instance-memory\", \"karpenter.k8s.aws/instance-ebs-bandwidth\", \"karpenter.k8s.aws/instance-network-bandwidth\", \"karpenter.k8s.aws/instance-gpu-name\", \"karpenter.k8s.aws/instance-gpu-manufacturer\", \"karpenter.k8s.aws/instance-gpu-count\", \"karpenter.k8s.aws/instance-gpu-memory\", \"karpenter.k8s.aws/instance-accelerator-name\", \"karpenter.k8s.aws/instance-accelerator-manufacturer\", \"karpenter.k8s.aws/instance-accelerator-count\"] || !x.find(\"^([^/]+)\").endsWith(\"karpenter.k8s.aws\"))"
type: "object"
spec:
- description: "NodeClaimSpec describes the desired state of the NodeClaim"
+ description: "NodeClaimTemplateSpec describes the desired state of the NodeClaim in the Nodepool\nNodeClaimTemplateSpec is used in the NodePool's NodeClaimTemplate, with the resource requests omitted since\nusers are not able to set resource requests in the NodePool."
properties:
expireAfter:
default: "720h"
@@ -176,6 +176,7 @@ spec:
properties:
group:
description: "API version of the referent"
+ pattern: "^[^/]*$"
type: "string"
kind:
description: "Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\""
diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodeclaims.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodeclaims.yaml
index feba78567..8a830b05c 100644
--- a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodeclaims.yaml
+++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodeclaims.yaml
@@ -197,6 +197,8 @@ spec:
rule: "self in [\"karpenter.sh/capacity-type\", \"karpenter.sh/nodepool\"] || !self.find(\"^([^/]+)\").endsWith(\"karpenter.sh\")"
- message: "label \"kubernetes.io/hostname\" is restricted"
rule: "self != \"kubernetes.io/hostname\""
+ - message: "label domain \"karpenter.k8s.aws\" is restricted"
+ rule: "self in [\"karpenter.k8s.aws/instance-encryption-in-transit-supported\", \"karpenter.k8s.aws/instance-category\", \"karpenter.k8s.aws/instance-hypervisor\", \"karpenter.k8s.aws/instance-family\", \"karpenter.k8s.aws/instance-generation\", \"karpenter.k8s.aws/instance-local-nvme\", \"karpenter.k8s.aws/instance-size\", \"karpenter.k8s.aws/instance-cpu\",\"karpenter.k8s.aws/instance-cpu-manufacturer\",\"karpenter.k8s.aws/instance-memory\", \"karpenter.k8s.aws/instance-ebs-bandwidth\", \"karpenter.k8s.aws/instance-network-bandwidth\", \"karpenter.k8s.aws/instance-gpu-name\", \"karpenter.k8s.aws/instance-gpu-manufacturer\", \"karpenter.k8s.aws/instance-gpu-count\", \"karpenter.k8s.aws/instance-gpu-memory\", \"karpenter.k8s.aws/instance-accelerator-name\", \"karpenter.k8s.aws/instance-accelerator-manufacturer\", \"karpenter.k8s.aws/instance-accelerator-count\"] || !self.find(\"^([^/]+)\").endsWith(\"karpenter.k8s.aws\")"
minValues:
description: "This field is ALPHA and can be dropped or replaced at any time\nMinValues is the minimum number of unique values required to define the flexibility of the specific requirement."
maximum: 50.0
diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodepools.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodepools.yaml
index 7a07361ec..bcfd4a481 100644
--- a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodepools.yaml
+++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodepools.yaml
@@ -72,16 +72,6 @@ spec:
description: "Nodes dictates the maximum number of NodeClaims owned by this NodePool\nthat can be terminating at once. This is calculated by counting nodes that\nhave a deletion timestamp set, or are actively being deleted by Karpenter.\nThis field is required when specifying a budget.\nThis cannot be of type intstr.IntOrString since kubebuilder doesn't support pattern\nchecking for int nodes for IntOrString nodes.\nRef: https://github.com/kubernetes-sigs/controller-tools/blob/55efe4be40394a288216dab63156b0a64fb82929/pkg/crd/markers/validation.go#L379-L388"
pattern: "^((100|[0-9]{1,2})%|[0-9]+)$"
type: "string"
- reasons:
- description: "Reasons is a list of disruption methods that this budget applies to. If Reasons is not set, this budget applies to all methods.\nOtherwise, this will apply to each reason defined.\nallowed reasons are Underutilized, Empty, and Drifted."
- items:
- description: "DisruptionReason defines valid reasons for disruption budgets."
- enum:
- - "Underutilized"
- - "Empty"
- - "Drifted"
- type: "string"
- type: "array"
schedule:
description: "Schedule specifies when a budget begins being active, following\nthe upstream cronjob syntax. If omitted, the budget is always active.\nTimezones are not supported.\nThis field is required if Duration is set."
pattern: "^(@(annually|yearly|monthly|weekly|daily|midnight|hourly))|((.+)\\s(.+)\\s(.+)\\s(.+)\\s(.+))$"
@@ -154,6 +144,8 @@ spec:
rule: "self.all(x, x != \"karpenter.sh/nodepool\")"
- message: "label \"kubernetes.io/hostname\" is restricted"
rule: "self.all(x, x != \"kubernetes.io/hostname\")"
+ - message: "label domain \"karpenter.k8s.aws\" is restricted"
+ rule: "self.all(x, x in [\"karpenter.k8s.aws/instance-encryption-in-transit-supported\", \"karpenter.k8s.aws/instance-category\", \"karpenter.k8s.aws/instance-hypervisor\", \"karpenter.k8s.aws/instance-family\", \"karpenter.k8s.aws/instance-generation\", \"karpenter.k8s.aws/instance-local-nvme\", \"karpenter.k8s.aws/instance-size\", \"karpenter.k8s.aws/instance-cpu\",\"karpenter.k8s.aws/instance-cpu-manufacturer\",\"karpenter.k8s.aws/instance-memory\", \"karpenter.k8s.aws/instance-ebs-bandwidth\", \"karpenter.k8s.aws/instance-network-bandwidth\", \"karpenter.k8s.aws/instance-gpu-name\", \"karpenter.k8s.aws/instance-gpu-manufacturer\", \"karpenter.k8s.aws/instance-gpu-count\", \"karpenter.k8s.aws/instance-gpu-memory\", \"karpenter.k8s.aws/instance-accelerator-name\", \"karpenter.k8s.aws/instance-accelerator-manufacturer\", \"karpenter.k8s.aws/instance-accelerator-count\"] || !x.find(\"^([^/]+)\").endsWith(\"karpenter.k8s.aws\"))"
type: "object"
spec:
description: "NodeClaimSpec describes the desired state of the NodeClaim"
@@ -287,6 +279,8 @@ spec:
rule: "self != \"karpenter.sh/nodepool\""
- message: "label \"kubernetes.io/hostname\" is restricted"
rule: "self != \"kubernetes.io/hostname\""
+ - message: "label domain \"karpenter.k8s.aws\" is restricted"
+ rule: "self in [\"karpenter.k8s.aws/instance-encryption-in-transit-supported\", \"karpenter.k8s.aws/instance-category\", \"karpenter.k8s.aws/instance-hypervisor\", \"karpenter.k8s.aws/instance-family\", \"karpenter.k8s.aws/instance-generation\", \"karpenter.k8s.aws/instance-local-nvme\", \"karpenter.k8s.aws/instance-size\", \"karpenter.k8s.aws/instance-cpu\",\"karpenter.k8s.aws/instance-cpu-manufacturer\",\"karpenter.k8s.aws/instance-memory\", \"karpenter.k8s.aws/instance-ebs-bandwidth\", \"karpenter.k8s.aws/instance-network-bandwidth\", \"karpenter.k8s.aws/instance-gpu-name\", \"karpenter.k8s.aws/instance-gpu-manufacturer\", \"karpenter.k8s.aws/instance-gpu-count\", \"karpenter.k8s.aws/instance-gpu-memory\", \"karpenter.k8s.aws/instance-accelerator-name\", \"karpenter.k8s.aws/instance-accelerator-manufacturer\", \"karpenter.k8s.aws/instance-accelerator-count\"] || !self.find(\"^([^/]+)\").endsWith(\"karpenter.k8s.aws\")"
minValues:
description: "This field is ALPHA and can be dropped or replaced at any time\nMinValues is the minimum number of unique values required to define the flexibility of the specific requirement."
maximum: 50.0
diff --git a/crd-catalog/cert-manager/cert-manager/acme.cert-manager.io/v1/challenges.yaml b/crd-catalog/cert-manager/cert-manager/acme.cert-manager.io/v1/challenges.yaml
index 162dcc2b0..00356d07b 100644
--- a/crd-catalog/cert-manager/cert-manager/acme.cert-manager.io/v1/challenges.yaml
+++ b/crd-catalog/cert-manager/cert-manager/acme.cert-manager.io/v1/challenges.yaml
@@ -446,6 +446,700 @@ spec:
- "name"
type: "object"
type: "array"
+ podTemplate:
+ description: "Optional pod template used to configure the ACME challenge solver pods\nused for HTTP01 challenges."
+ properties:
+ metadata:
+ description: "ObjectMeta overrides for the pod used to solve HTTP01 challenges.\nOnly the 'labels' and 'annotations' fields may be set.\nIf labels or annotations overlap with in-built values, the values here\nwill override the in-built values."
+ properties:
+ annotations:
+ additionalProperties:
+ type: "string"
+ description: "Annotations that should be added to the create ACME HTTP01 solver pods."
+ type: "object"
+ labels:
+ additionalProperties:
+ type: "string"
+ description: "Labels that should be added to the created ACME HTTP01 solver pods."
+ type: "object"
+ type: "object"
+ spec:
+ description: "PodSpec defines overrides for the HTTP01 challenge solver pod.\nCheck ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields.\nAll other fields will be ignored."
+ properties:
+ affinity:
+ description: "If specified, the pod's scheduling constraints"
+ properties:
+ nodeAffinity:
+ description: "Describes node affinity scheduling rules for the pod."
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred."
+ items:
+ description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)."
+ properties:
+ preference:
+ description: "A node selector term, associated with the corresponding weight."
+ properties:
+ matchExpressions:
+ description: "A list of node selector requirements by node's labels."
+ items:
+ description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values."
+ properties:
+ key:
+ description: "The label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
+ type: "string"
+ values:
+ description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchFields:
+ description: "A list of node selector requirements by node's fields."
+ items:
+ description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values."
+ properties:
+ key:
+ description: "The label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
+ type: "string"
+ values:
+ description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ weight:
+ description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100."
+ format: "int32"
+ type: "integer"
+ required:
+ - "preference"
+ - "weight"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node."
+ properties:
+ nodeSelectorTerms:
+ description: "Required. A list of node selector terms. The terms are ORed."
+ items:
+ description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm."
+ properties:
+ matchExpressions:
+ description: "A list of node selector requirements by node's labels."
+ items:
+ description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values."
+ properties:
+ key:
+ description: "The label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
+ type: "string"
+ values:
+ description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchFields:
+ description: "A list of node selector requirements by node's fields."
+ items:
+ description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values."
+ properties:
+ key:
+ description: "The label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
+ type: "string"
+ values:
+ description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "nodeSelectorTerms"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ podAffinity:
+ description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))."
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
+ items:
+ description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)"
+ properties:
+ podAffinityTerm:
+ description: "Required. A pod affinity term, associated with the corresponding weight."
+ properties:
+ labelSelector:
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ namespaceSelector:
+ description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ namespaces:
+ description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ topologyKey:
+ description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
+ type: "string"
+ required:
+ - "topologyKey"
+ type: "object"
+ weight:
+ description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100."
+ format: "int32"
+ type: "integer"
+ required:
+ - "podAffinityTerm"
+ - "weight"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
+ items:
+ description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
+ properties:
+ labelSelector:
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ namespaceSelector:
+ description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ namespaces:
+ description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ topologyKey:
+ description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
+ type: "string"
+ required:
+ - "topologyKey"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ type: "object"
+ podAntiAffinity:
+ description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))."
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
+ items:
+ description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)"
+ properties:
+ podAffinityTerm:
+ description: "Required. A pod affinity term, associated with the corresponding weight."
+ properties:
+ labelSelector:
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ namespaceSelector:
+ description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ namespaces:
+ description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ topologyKey:
+ description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
+ type: "string"
+ required:
+ - "topologyKey"
+ type: "object"
+ weight:
+ description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100."
+ format: "int32"
+ type: "integer"
+ required:
+ - "podAffinityTerm"
+ - "weight"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
+ items:
+ description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
+ properties:
+ labelSelector:
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ namespaceSelector:
+ description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ namespaces:
+ description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ topologyKey:
+ description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
+ type: "string"
+ required:
+ - "topologyKey"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ type: "object"
+ type: "object"
+ imagePullSecrets:
+ description: "If specified, the pod's imagePullSecrets"
+ items:
+ description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace."
+ properties:
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ nodeSelector:
+ additionalProperties:
+ type: "string"
+ description: "NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/"
+ type: "object"
+ priorityClassName:
+ description: "If specified, the pod's priorityClassName."
+ type: "string"
+ securityContext:
+ description: "If specified, the pod's security context"
+ properties:
+ fsGroup:
+ description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ fsGroupChangePolicy:
+ description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows."
+ type: "string"
+ runAsGroup:
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ runAsNonRoot:
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
+ type: "boolean"
+ runAsUser:
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ seLinuxOptions:
+ description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows."
+ properties:
+ level:
+ description: "Level is SELinux level label that applies to the container."
+ type: "string"
+ role:
+ description: "Role is a SELinux role label that applies to the container."
+ type: "string"
+ type:
+ description: "Type is a SELinux type label that applies to the container."
+ type: "string"
+ user:
+ description: "User is a SELinux user label that applies to the container."
+ type: "string"
+ type: "object"
+ seccompProfile:
+ description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows."
+ properties:
+ localhostProfile:
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
+ type: "string"
+ type:
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
+ type: "string"
+ required:
+ - "type"
+ type: "object"
+ supplementalGroups:
+ description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows."
+ items:
+ format: "int64"
+ type: "integer"
+ type: "array"
+ sysctls:
+ description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows."
+ items:
+ description: "Sysctl defines a kernel parameter to be set"
+ properties:
+ name:
+ description: "Name of a property to set"
+ type: "string"
+ value:
+ description: "Value of a property to set"
+ type: "string"
+ required:
+ - "name"
+ - "value"
+ type: "object"
+ type: "array"
+ type: "object"
+ serviceAccountName:
+ description: "If specified, the pod's service account"
+ type: "string"
+ tolerations:
+ description: "If specified, the pod's tolerations."
+ items:
+ description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ."
+ properties:
+ effect:
+ description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute."
+ type: "string"
+ key:
+ description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys."
+ type: "string"
+ operator:
+ description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category."
+ type: "string"
+ tolerationSeconds:
+ description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system."
+ format: "int64"
+ type: "integer"
+ value:
+ description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string."
+ type: "string"
+ type: "object"
+ type: "array"
+ type: "object"
+ type: "object"
serviceType:
description: "Optional service type for Kubernetes solver service. Supported values\nare NodePort or ClusterIP. If unset, defaults to NodePort."
type: "string"
@@ -1074,6 +1768,78 @@ spec:
priorityClassName:
description: "If specified, the pod's priorityClassName."
type: "string"
+ securityContext:
+ description: "If specified, the pod's security context"
+ properties:
+ fsGroup:
+ description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ fsGroupChangePolicy:
+ description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows."
+ type: "string"
+ runAsGroup:
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ runAsNonRoot:
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
+ type: "boolean"
+ runAsUser:
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ seLinuxOptions:
+ description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows."
+ properties:
+ level:
+ description: "Level is SELinux level label that applies to the container."
+ type: "string"
+ role:
+ description: "Role is a SELinux role label that applies to the container."
+ type: "string"
+ type:
+ description: "Type is a SELinux type label that applies to the container."
+ type: "string"
+ user:
+ description: "User is a SELinux user label that applies to the container."
+ type: "string"
+ type: "object"
+ seccompProfile:
+ description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows."
+ properties:
+ localhostProfile:
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
+ type: "string"
+ type:
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
+ type: "string"
+ required:
+ - "type"
+ type: "object"
+ supplementalGroups:
+ description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows."
+ items:
+ format: "int64"
+ type: "integer"
+ type: "array"
+ sysctls:
+ description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows."
+ items:
+ description: "Sysctl defines a kernel parameter to be set"
+ properties:
+ name:
+ description: "Name of a property to set"
+ type: "string"
+ value:
+ description: "Value of a property to set"
+ type: "string"
+ required:
+ - "name"
+ - "value"
+ type: "object"
+ type: "array"
+ type: "object"
serviceAccountName:
description: "If specified, the pod's service account"
type: "string"
diff --git a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/clusterissuers.yaml b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/clusterissuers.yaml
index 08279ed66..6e478d557 100644
--- a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/clusterissuers.yaml
+++ b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/clusterissuers.yaml
@@ -488,6 +488,700 @@ spec:
- "name"
type: "object"
type: "array"
+ podTemplate:
+ description: "Optional pod template used to configure the ACME challenge solver pods\nused for HTTP01 challenges."
+ properties:
+ metadata:
+ description: "ObjectMeta overrides for the pod used to solve HTTP01 challenges.\nOnly the 'labels' and 'annotations' fields may be set.\nIf labels or annotations overlap with in-built values, the values here\nwill override the in-built values."
+ properties:
+ annotations:
+ additionalProperties:
+ type: "string"
+ description: "Annotations that should be added to the create ACME HTTP01 solver pods."
+ type: "object"
+ labels:
+ additionalProperties:
+ type: "string"
+ description: "Labels that should be added to the created ACME HTTP01 solver pods."
+ type: "object"
+ type: "object"
+ spec:
+ description: "PodSpec defines overrides for the HTTP01 challenge solver pod.\nCheck ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields.\nAll other fields will be ignored."
+ properties:
+ affinity:
+ description: "If specified, the pod's scheduling constraints"
+ properties:
+ nodeAffinity:
+ description: "Describes node affinity scheduling rules for the pod."
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred."
+ items:
+ description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)."
+ properties:
+ preference:
+ description: "A node selector term, associated with the corresponding weight."
+ properties:
+ matchExpressions:
+ description: "A list of node selector requirements by node's labels."
+ items:
+ description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values."
+ properties:
+ key:
+ description: "The label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
+ type: "string"
+ values:
+ description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchFields:
+ description: "A list of node selector requirements by node's fields."
+ items:
+ description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values."
+ properties:
+ key:
+ description: "The label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
+ type: "string"
+ values:
+ description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ weight:
+ description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100."
+ format: "int32"
+ type: "integer"
+ required:
+ - "preference"
+ - "weight"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node."
+ properties:
+ nodeSelectorTerms:
+ description: "Required. A list of node selector terms. The terms are ORed."
+ items:
+ description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm."
+ properties:
+ matchExpressions:
+ description: "A list of node selector requirements by node's labels."
+ items:
+ description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values."
+ properties:
+ key:
+ description: "The label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
+ type: "string"
+ values:
+ description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchFields:
+ description: "A list of node selector requirements by node's fields."
+ items:
+ description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values."
+ properties:
+ key:
+ description: "The label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
+ type: "string"
+ values:
+ description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "nodeSelectorTerms"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ podAffinity:
+ description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))."
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
+ items:
+ description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)"
+ properties:
+ podAffinityTerm:
+ description: "Required. A pod affinity term, associated with the corresponding weight."
+ properties:
+ labelSelector:
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ namespaceSelector:
+ description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ namespaces:
+ description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ topologyKey:
+ description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
+ type: "string"
+ required:
+ - "topologyKey"
+ type: "object"
+ weight:
+ description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100."
+ format: "int32"
+ type: "integer"
+ required:
+ - "podAffinityTerm"
+ - "weight"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
+ items:
+ description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
+ properties:
+ labelSelector:
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ namespaceSelector:
+ description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ namespaces:
+ description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ topologyKey:
+ description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
+ type: "string"
+ required:
+ - "topologyKey"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ type: "object"
+ podAntiAffinity:
+ description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))."
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
+ items:
+ description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)"
+ properties:
+ podAffinityTerm:
+ description: "Required. A pod affinity term, associated with the corresponding weight."
+ properties:
+ labelSelector:
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ namespaceSelector:
+ description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ namespaces:
+ description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ topologyKey:
+ description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
+ type: "string"
+ required:
+ - "topologyKey"
+ type: "object"
+ weight:
+ description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100."
+ format: "int32"
+ type: "integer"
+ required:
+ - "podAffinityTerm"
+ - "weight"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
+ items:
+ description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
+ properties:
+ labelSelector:
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ namespaceSelector:
+ description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ namespaces:
+ description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ topologyKey:
+ description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
+ type: "string"
+ required:
+ - "topologyKey"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ type: "object"
+ type: "object"
+ imagePullSecrets:
+ description: "If specified, the pod's imagePullSecrets"
+ items:
+ description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace."
+ properties:
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ nodeSelector:
+ additionalProperties:
+ type: "string"
+ description: "NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/"
+ type: "object"
+ priorityClassName:
+ description: "If specified, the pod's priorityClassName."
+ type: "string"
+ securityContext:
+ description: "If specified, the pod's security context"
+ properties:
+ fsGroup:
+ description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ fsGroupChangePolicy:
+ description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows."
+ type: "string"
+ runAsGroup:
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ runAsNonRoot:
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
+ type: "boolean"
+ runAsUser:
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ seLinuxOptions:
+ description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows."
+ properties:
+ level:
+ description: "Level is SELinux level label that applies to the container."
+ type: "string"
+ role:
+ description: "Role is a SELinux role label that applies to the container."
+ type: "string"
+ type:
+ description: "Type is a SELinux type label that applies to the container."
+ type: "string"
+ user:
+ description: "User is a SELinux user label that applies to the container."
+ type: "string"
+ type: "object"
+ seccompProfile:
+ description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows."
+ properties:
+ localhostProfile:
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
+ type: "string"
+ type:
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
+ type: "string"
+ required:
+ - "type"
+ type: "object"
+ supplementalGroups:
+ description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows."
+ items:
+ format: "int64"
+ type: "integer"
+ type: "array"
+ sysctls:
+ description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows."
+ items:
+ description: "Sysctl defines a kernel parameter to be set"
+ properties:
+ name:
+ description: "Name of a property to set"
+ type: "string"
+ value:
+ description: "Value of a property to set"
+ type: "string"
+ required:
+ - "name"
+ - "value"
+ type: "object"
+ type: "array"
+ type: "object"
+ serviceAccountName:
+ description: "If specified, the pod's service account"
+ type: "string"
+ tolerations:
+ description: "If specified, the pod's tolerations."
+ items:
+ description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ."
+ properties:
+ effect:
+ description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute."
+ type: "string"
+ key:
+ description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys."
+ type: "string"
+ operator:
+ description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category."
+ type: "string"
+ tolerationSeconds:
+ description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system."
+ format: "int64"
+ type: "integer"
+ value:
+ description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string."
+ type: "string"
+ type: "object"
+ type: "array"
+ type: "object"
+ type: "object"
serviceType:
description: "Optional service type for Kubernetes solver service. Supported values\nare NodePort or ClusterIP. If unset, defaults to NodePort."
type: "string"
@@ -1116,6 +1810,78 @@ spec:
priorityClassName:
description: "If specified, the pod's priorityClassName."
type: "string"
+ securityContext:
+ description: "If specified, the pod's security context"
+ properties:
+ fsGroup:
+ description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ fsGroupChangePolicy:
+ description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows."
+ type: "string"
+ runAsGroup:
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ runAsNonRoot:
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
+ type: "boolean"
+ runAsUser:
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ seLinuxOptions:
+ description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows."
+ properties:
+ level:
+ description: "Level is SELinux level label that applies to the container."
+ type: "string"
+ role:
+ description: "Role is a SELinux role label that applies to the container."
+ type: "string"
+ type:
+ description: "Type is a SELinux type label that applies to the container."
+ type: "string"
+ user:
+ description: "User is a SELinux user label that applies to the container."
+ type: "string"
+ type: "object"
+ seccompProfile:
+ description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows."
+ properties:
+ localhostProfile:
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
+ type: "string"
+ type:
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
+ type: "string"
+ required:
+ - "type"
+ type: "object"
+ supplementalGroups:
+ description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows."
+ items:
+ format: "int64"
+ type: "integer"
+ type: "array"
+ sysctls:
+ description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows."
+ items:
+ description: "Sysctl defines a kernel parameter to be set"
+ properties:
+ name:
+ description: "Name of a property to set"
+ type: "string"
+ value:
+ description: "Value of a property to set"
+ type: "string"
+ required:
+ - "name"
+ - "value"
+ type: "object"
+ type: "array"
+ type: "object"
serviceAccountName:
description: "If specified, the pod's service account"
type: "string"
diff --git a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/issuers.yaml b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/issuers.yaml
index d0e3bc9dc..94016e47b 100644
--- a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/issuers.yaml
+++ b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/issuers.yaml
@@ -489,6 +489,700 @@ spec:
- "name"
type: "object"
type: "array"
+ podTemplate:
+ description: "Optional pod template used to configure the ACME challenge solver pods\nused for HTTP01 challenges."
+ properties:
+ metadata:
+ description: "ObjectMeta overrides for the pod used to solve HTTP01 challenges.\nOnly the 'labels' and 'annotations' fields may be set.\nIf labels or annotations overlap with in-built values, the values here\nwill override the in-built values."
+ properties:
+ annotations:
+ additionalProperties:
+ type: "string"
+ description: "Annotations that should be added to the create ACME HTTP01 solver pods."
+ type: "object"
+ labels:
+ additionalProperties:
+ type: "string"
+ description: "Labels that should be added to the created ACME HTTP01 solver pods."
+ type: "object"
+ type: "object"
+ spec:
+ description: "PodSpec defines overrides for the HTTP01 challenge solver pod.\nCheck ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields.\nAll other fields will be ignored."
+ properties:
+ affinity:
+ description: "If specified, the pod's scheduling constraints"
+ properties:
+ nodeAffinity:
+ description: "Describes node affinity scheduling rules for the pod."
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred."
+ items:
+ description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)."
+ properties:
+ preference:
+ description: "A node selector term, associated with the corresponding weight."
+ properties:
+ matchExpressions:
+ description: "A list of node selector requirements by node's labels."
+ items:
+ description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values."
+ properties:
+ key:
+ description: "The label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
+ type: "string"
+ values:
+ description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchFields:
+ description: "A list of node selector requirements by node's fields."
+ items:
+ description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values."
+ properties:
+ key:
+ description: "The label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
+ type: "string"
+ values:
+ description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ weight:
+ description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100."
+ format: "int32"
+ type: "integer"
+ required:
+ - "preference"
+ - "weight"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node."
+ properties:
+ nodeSelectorTerms:
+ description: "Required. A list of node selector terms. The terms are ORed."
+ items:
+ description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm."
+ properties:
+ matchExpressions:
+ description: "A list of node selector requirements by node's labels."
+ items:
+ description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values."
+ properties:
+ key:
+ description: "The label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
+ type: "string"
+ values:
+ description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchFields:
+ description: "A list of node selector requirements by node's fields."
+ items:
+ description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values."
+ properties:
+ key:
+ description: "The label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
+ type: "string"
+ values:
+ description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "nodeSelectorTerms"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ podAffinity:
+ description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))."
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
+ items:
+ description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)"
+ properties:
+ podAffinityTerm:
+ description: "Required. A pod affinity term, associated with the corresponding weight."
+ properties:
+ labelSelector:
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ namespaceSelector:
+ description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ namespaces:
+ description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ topologyKey:
+ description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
+ type: "string"
+ required:
+ - "topologyKey"
+ type: "object"
+ weight:
+ description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100."
+ format: "int32"
+ type: "integer"
+ required:
+ - "podAffinityTerm"
+ - "weight"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
+ items:
+ description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
+ properties:
+ labelSelector:
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ namespaceSelector:
+ description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ namespaces:
+ description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ topologyKey:
+ description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
+ type: "string"
+ required:
+ - "topologyKey"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ type: "object"
+ podAntiAffinity:
+ description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))."
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
+ items:
+ description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)"
+ properties:
+ podAffinityTerm:
+ description: "Required. A pod affinity term, associated with the corresponding weight."
+ properties:
+ labelSelector:
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ namespaceSelector:
+ description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ namespaces:
+ description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ topologyKey:
+ description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
+ type: "string"
+ required:
+ - "topologyKey"
+ type: "object"
+ weight:
+ description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100."
+ format: "int32"
+ type: "integer"
+ required:
+ - "podAffinityTerm"
+ - "weight"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
+ items:
+ description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running"
+ properties:
+ labelSelector:
+ description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ matchLabelKeys:
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ mismatchLabelKeys:
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ namespaceSelector:
+ description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
+ properties:
+ matchExpressions:
+ description: "matchExpressions is a list of label selector requirements. The requirements are ANDed."
+ items:
+ description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values."
+ properties:
+ key:
+ description: "key is the label key that the selector applies to."
+ type: "string"
+ operator:
+ description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
+ type: "string"
+ values:
+ description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "key"
+ - "operator"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ matchLabels:
+ additionalProperties:
+ type: "string"
+ description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
+ type: "object"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ namespaces:
+ description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
+ items:
+ type: "string"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ topologyKey:
+ description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
+ type: "string"
+ required:
+ - "topologyKey"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ type: "object"
+ type: "object"
+ imagePullSecrets:
+ description: "If specified, the pod's imagePullSecrets"
+ items:
+ description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace."
+ properties:
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ nodeSelector:
+ additionalProperties:
+ type: "string"
+ description: "NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/"
+ type: "object"
+ priorityClassName:
+ description: "If specified, the pod's priorityClassName."
+ type: "string"
+ securityContext:
+ description: "If specified, the pod's security context"
+ properties:
+ fsGroup:
+ description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ fsGroupChangePolicy:
+ description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows."
+ type: "string"
+ runAsGroup:
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ runAsNonRoot:
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
+ type: "boolean"
+ runAsUser:
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ seLinuxOptions:
+ description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows."
+ properties:
+ level:
+ description: "Level is SELinux level label that applies to the container."
+ type: "string"
+ role:
+ description: "Role is a SELinux role label that applies to the container."
+ type: "string"
+ type:
+ description: "Type is a SELinux type label that applies to the container."
+ type: "string"
+ user:
+ description: "User is a SELinux user label that applies to the container."
+ type: "string"
+ type: "object"
+ seccompProfile:
+ description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows."
+ properties:
+ localhostProfile:
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
+ type: "string"
+ type:
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
+ type: "string"
+ required:
+ - "type"
+ type: "object"
+ supplementalGroups:
+ description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows."
+ items:
+ format: "int64"
+ type: "integer"
+ type: "array"
+ sysctls:
+ description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows."
+ items:
+ description: "Sysctl defines a kernel parameter to be set"
+ properties:
+ name:
+ description: "Name of a property to set"
+ type: "string"
+ value:
+ description: "Value of a property to set"
+ type: "string"
+ required:
+ - "name"
+ - "value"
+ type: "object"
+ type: "array"
+ type: "object"
+ serviceAccountName:
+ description: "If specified, the pod's service account"
+ type: "string"
+ tolerations:
+ description: "If specified, the pod's tolerations."
+ items:
+ description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ."
+ properties:
+ effect:
+ description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute."
+ type: "string"
+ key:
+ description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys."
+ type: "string"
+ operator:
+ description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category."
+ type: "string"
+ tolerationSeconds:
+ description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system."
+ format: "int64"
+ type: "integer"
+ value:
+ description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string."
+ type: "string"
+ type: "object"
+ type: "array"
+ type: "object"
+ type: "object"
serviceType:
description: "Optional service type for Kubernetes solver service. Supported values\nare NodePort or ClusterIP. If unset, defaults to NodePort."
type: "string"
@@ -1117,6 +1811,78 @@ spec:
priorityClassName:
description: "If specified, the pod's priorityClassName."
type: "string"
+ securityContext:
+ description: "If specified, the pod's security context"
+ properties:
+ fsGroup:
+ description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ fsGroupChangePolicy:
+ description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows."
+ type: "string"
+ runAsGroup:
+ description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ runAsNonRoot:
+ description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
+ type: "boolean"
+ runAsUser:
+ description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
+ format: "int64"
+ type: "integer"
+ seLinuxOptions:
+ description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows."
+ properties:
+ level:
+ description: "Level is SELinux level label that applies to the container."
+ type: "string"
+ role:
+ description: "Role is a SELinux role label that applies to the container."
+ type: "string"
+ type:
+ description: "Type is a SELinux type label that applies to the container."
+ type: "string"
+ user:
+ description: "User is a SELinux user label that applies to the container."
+ type: "string"
+ type: "object"
+ seccompProfile:
+ description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows."
+ properties:
+ localhostProfile:
+ description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
+ type: "string"
+ type:
+ description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
+ type: "string"
+ required:
+ - "type"
+ type: "object"
+ supplementalGroups:
+ description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows."
+ items:
+ format: "int64"
+ type: "integer"
+ type: "array"
+ sysctls:
+ description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows."
+ items:
+ description: "Sysctl defines a kernel parameter to be set"
+ properties:
+ name:
+ description: "Name of a property to set"
+ type: "string"
+ value:
+ description: "Value of a property to set"
+ type: "string"
+ required:
+ - "name"
+ - "value"
+ type: "object"
+ type: "array"
+ type: "object"
serviceAccountName:
description: "If specified, the pod's service account"
type: "string"
diff --git a/crd-catalog/eclipse-che/che-operator/org.eclipse.che/v2/checlusters.yaml b/crd-catalog/eclipse-che/che-operator/org.eclipse.che/v2/checlusters.yaml
index 03a432bd6..d172b8ff7 100644
--- a/crd-catalog/eclipse-che/che-operator/org.eclipse.che/v2/checlusters.yaml
+++ b/crd-catalog/eclipse-che/che-operator/org.eclipse.che/v2/checlusters.yaml
@@ -16,7 +16,7 @@ spec:
- name: "v2"
schema:
openAPIV3Schema:
- description: "The `CheCluster` custom resource allows defining and managing Eclipse Che server installation.\nBased on these settings, the Operator automatically creates and maintains several ConfigMaps:\n`che`, `plugin-registry`, `devfile-registry` that will contain the appropriate environment variables\nof the various components of the installation. These generated ConfigMaps must NOT be updated manually."
+ description: "The `CheCluster` custom resource allows defining and managing Eclipse Che server installation.\nBased on these settings, the Operator automatically creates and maintains several ConfigMaps:\n`che`, `plugin-registry` that will contain the appropriate environment variables\nof the various components of the installation. These generated ConfigMaps must NOT be updated manually."
properties:
apiVersion:
description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
@@ -453,7 +453,7 @@ spec:
description: "Configuration settings related to the devfile registry used by the Che installation."
properties:
deployment:
- description: "Deployment override options."
+ description: "Deprecated deployment override options."
properties:
containers:
description: "List of containers belonging to the pod."
@@ -2854,7 +2854,7 @@ spec:
description: "Currently installed Che version."
type: "string"
devfileRegistryURL:
- description: "The public URL of the internal devfile registry."
+ description: "Deprecated the public URL of the internal devfile registry."
type: "string"
gatewayPhase:
description: "Specifies the current phase of the gateway deployment."
diff --git a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clustersecretstores.yaml b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clustersecretstores.yaml
index 7bb4db460..e889f0850 100644
--- a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clustersecretstores.yaml
+++ b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clustersecretstores.yaml
@@ -528,6 +528,118 @@ spec:
required:
- "vaultUrl"
type: "object"
+ beyondtrust:
+ description: "Beyondtrust configures this store to sync secrets using Password Safe provider."
+ properties:
+ auth:
+ description: "Auth configures how the operator authenticates with Beyondtrust."
+ properties:
+ certificate:
+ description: "Content of the certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate."
+ properties:
+ secretRef:
+ description: "SecretRef references a key in a secret that will be used as value."
+ properties:
+ key:
+ description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required."
+ type: "string"
+ name:
+ description: "The name of the Secret resource being referred to."
+ type: "string"
+ namespace:
+ description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent."
+ type: "string"
+ type: "object"
+ value:
+ description: "Value can be specified directly to set a value without using a secret."
+ type: "string"
+ type: "object"
+ certificateKey:
+ description: "Certificate private key (key.pem). For use when authenticating with an OAuth client Id"
+ properties:
+ secretRef:
+ description: "SecretRef references a key in a secret that will be used as value."
+ properties:
+ key:
+ description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required."
+ type: "string"
+ name:
+ description: "The name of the Secret resource being referred to."
+ type: "string"
+ namespace:
+ description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent."
+ type: "string"
+ type: "object"
+ value:
+ description: "Value can be specified directly to set a value without using a secret."
+ type: "string"
+ type: "object"
+ clientId:
+ properties:
+ secretRef:
+ description: "SecretRef references a key in a secret that will be used as value."
+ properties:
+ key:
+ description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required."
+ type: "string"
+ name:
+ description: "The name of the Secret resource being referred to."
+ type: "string"
+ namespace:
+ description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent."
+ type: "string"
+ type: "object"
+ value:
+ description: "Value can be specified directly to set a value without using a secret."
+ type: "string"
+ type: "object"
+ clientSecret:
+ properties:
+ secretRef:
+ description: "SecretRef references a key in a secret that will be used as value."
+ properties:
+ key:
+ description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required."
+ type: "string"
+ name:
+ description: "The name of the Secret resource being referred to."
+ type: "string"
+ namespace:
+ description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent."
+ type: "string"
+ type: "object"
+ value:
+ description: "Value can be specified directly to set a value without using a secret."
+ type: "string"
+ type: "object"
+ required:
+ - "clientId"
+ - "clientSecret"
+ type: "object"
+ server:
+ description: "Auth configures how API server works."
+ properties:
+ apiUrl:
+ type: "string"
+ clientTimeOutSeconds:
+ description: "Timeout specifies a time limit for requests made by this Client. The timeout includes connection time, any redirects, and reading the response body. Defaults to 45 seconds."
+ type: "integer"
+ retrievalType:
+ description: "The secret retrieval type. SECRET = Secrets Safe (credential, text, file). MANAGED_ACCOUNT = Password Safe account associated with a system."
+ type: "string"
+ separator:
+ description: "A character that separates the folder names."
+ type: "string"
+ verifyCA:
+ type: "boolean"
+ required:
+ - "apiUrl"
+ - "verifyCA"
+ type: "object"
+ required:
+ - "auth"
+ - "server"
+ type: "object"
bitwardensecretsmanager:
description: "BitwardenSecretsManager configures this store to sync secrets using BitwardenSecretsManager provider"
properties:
diff --git a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/secretstores.yaml b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/secretstores.yaml
index 56bc1404f..f46f5c91f 100644
--- a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/secretstores.yaml
+++ b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/secretstores.yaml
@@ -528,6 +528,118 @@ spec:
required:
- "vaultUrl"
type: "object"
+ beyondtrust:
+ description: "Beyondtrust configures this store to sync secrets using Password Safe provider."
+ properties:
+ auth:
+ description: "Auth configures how the operator authenticates with Beyondtrust."
+ properties:
+ certificate:
+ description: "Content of the certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate."
+ properties:
+ secretRef:
+ description: "SecretRef references a key in a secret that will be used as value."
+ properties:
+ key:
+ description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required."
+ type: "string"
+ name:
+ description: "The name of the Secret resource being referred to."
+ type: "string"
+ namespace:
+ description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent."
+ type: "string"
+ type: "object"
+ value:
+ description: "Value can be specified directly to set a value without using a secret."
+ type: "string"
+ type: "object"
+ certificateKey:
+ description: "Certificate private key (key.pem). For use when authenticating with an OAuth client Id"
+ properties:
+ secretRef:
+ description: "SecretRef references a key in a secret that will be used as value."
+ properties:
+ key:
+ description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required."
+ type: "string"
+ name:
+ description: "The name of the Secret resource being referred to."
+ type: "string"
+ namespace:
+ description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent."
+ type: "string"
+ type: "object"
+ value:
+ description: "Value can be specified directly to set a value without using a secret."
+ type: "string"
+ type: "object"
+ clientId:
+ properties:
+ secretRef:
+ description: "SecretRef references a key in a secret that will be used as value."
+ properties:
+ key:
+ description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required."
+ type: "string"
+ name:
+ description: "The name of the Secret resource being referred to."
+ type: "string"
+ namespace:
+ description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent."
+ type: "string"
+ type: "object"
+ value:
+ description: "Value can be specified directly to set a value without using a secret."
+ type: "string"
+ type: "object"
+ clientSecret:
+ properties:
+ secretRef:
+ description: "SecretRef references a key in a secret that will be used as value."
+ properties:
+ key:
+ description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required."
+ type: "string"
+ name:
+ description: "The name of the Secret resource being referred to."
+ type: "string"
+ namespace:
+ description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent."
+ type: "string"
+ type: "object"
+ value:
+ description: "Value can be specified directly to set a value without using a secret."
+ type: "string"
+ type: "object"
+ required:
+ - "clientId"
+ - "clientSecret"
+ type: "object"
+ server:
+ description: "Auth configures how API server works."
+ properties:
+ apiUrl:
+ type: "string"
+ clientTimeOutSeconds:
+ description: "Timeout specifies a time limit for requests made by this Client. The timeout includes connection time, any redirects, and reading the response body. Defaults to 45 seconds."
+ type: "integer"
+ retrievalType:
+ description: "The secret retrieval type. SECRET = Secrets Safe (credential, text, file). MANAGED_ACCOUNT = Password Safe account associated with a system."
+ type: "string"
+ separator:
+ description: "A character that separates the folder names."
+ type: "string"
+ verifyCA:
+ type: "boolean"
+ required:
+ - "apiUrl"
+ - "verifyCA"
+ type: "object"
+ required:
+ - "auth"
+ - "server"
+ type: "object"
bitwardensecretsmanager:
description: "BitwardenSecretsManager configures this store to sync secrets using BitwardenSecretsManager provider"
properties:
diff --git a/crd-catalog/fluid-cloudnative/fluid/data.fluid.io/v1alpha1/alluxioruntimes.yaml b/crd-catalog/fluid-cloudnative/fluid/data.fluid.io/v1alpha1/alluxioruntimes.yaml
index 1185f8d9e..fcd6be23a 100644
--- a/crd-catalog/fluid-cloudnative/fluid/data.fluid.io/v1alpha1/alluxioruntimes.yaml
+++ b/crd-catalog/fluid-cloudnative/fluid/data.fluid.io/v1alpha1/alluxioruntimes.yaml
@@ -98,6 +98,17 @@ spec:
type: "string"
description: "Environment variables that will be used by Alluxio component.
"
type: "object"
+ imagePullSecrets:
+ description: "ImagePullSecrets that will be used to pull images"
+ items:
+ description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace."
+ properties:
+ name:
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ type: "string"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
jvmOptions:
description: "Options for JVM"
items:
@@ -246,6 +257,17 @@ spec:
imagePullPolicy:
description: "One of the three policies: `Always`, `IfNotPresent`, `Never`"
type: "string"
+ imagePullSecrets:
+ description: "ImagePullSecrets that will be used to pull images"
+ items:
+ description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace."
+ properties:
+ name:
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ type: "string"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
imageTag:
description: "Image Tag for Alluxio Fuse(e.g. 2.3.0-SNAPSHOT)"
type: "string"
@@ -354,6 +376,17 @@ spec:
hadoopConfig:
description: "Name of the configMap used to support HDFS configurations when using HDFS as Alluxio's UFS. The configMap\nmust be in the same namespace with the AlluxioRuntime. The configMap should contain user-specific HDFS conf files in it.\nFor now, only \"hdfs-site.xml\" and \"core-site.xml\" are supported. It must take the filename of the conf file as the key and content\nof the file as the value."
type: "string"
+ imagePullSecrets:
+ description: "ImagePullSecrets that will be used to pull images"
+ items:
+ description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace."
+ properties:
+ name:
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ type: "string"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
initUsers:
description: "The spec of init users"
properties:
@@ -420,6 +453,17 @@ spec:
type: "string"
description: "Environment variables that will be used by Alluxio component.
"
type: "object"
+ imagePullSecrets:
+ description: "ImagePullSecrets that will be used to pull images"
+ items:
+ description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace."
+ properties:
+ name:
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ type: "string"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
jvmOptions:
description: "Options for JVM"
items:
@@ -543,6 +587,17 @@ spec:
type: "string"
description: "Environment variables that will be used by Alluxio component.
"
type: "object"
+ imagePullSecrets:
+ description: "ImagePullSecrets that will be used to pull images"
+ items:
+ description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace."
+ properties:
+ name:
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ type: "string"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
jvmOptions:
description: "Options for JVM"
items:
@@ -697,6 +752,17 @@ spec:
type: "string"
description: "Environment variables that will be used by Alluxio component.
"
type: "object"
+ imagePullSecrets:
+ description: "ImagePullSecrets that will be used to pull images"
+ items:
+ description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace."
+ properties:
+ name:
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ type: "string"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
jvmOptions:
description: "Options for JVM"
items:
@@ -2882,6 +2948,17 @@ spec:
type: "string"
description: "Environment variables that will be used by Alluxio component.
"
type: "object"
+ imagePullSecrets:
+ description: "ImagePullSecrets that will be used to pull images"
+ items:
+ description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace."
+ properties:
+ name:
+ description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ type: "string"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
jvmOptions:
description: "Options for JVM"
items:
diff --git a/crd-catalog/fluxcd/source-controller/source.toolkit.fluxcd.io/v1beta2/buckets.yaml b/crd-catalog/fluxcd/source-controller/source.toolkit.fluxcd.io/v1beta2/buckets.yaml
index d63831f28..112ba5819 100644
--- a/crd-catalog/fluxcd/source-controller/source.toolkit.fluxcd.io/v1beta2/buckets.yaml
+++ b/crd-catalog/fluxcd/source-controller/source.toolkit.fluxcd.io/v1beta2/buckets.yaml
@@ -118,6 +118,22 @@ spec:
required:
- "name"
type: "object"
+ sts:
+ description: "STS specifies the required configuration to use a Security Token\nService for fetching temporary credentials to authenticate in a\nBucket provider.\n\n\nThis field is only supported for the `aws` provider."
+ properties:
+ endpoint:
+ description: "Endpoint is the HTTP/S endpoint of the Security Token Service from\nwhere temporary credentials will be fetched."
+ pattern: "^(http|https)://.*$"
+ type: "string"
+ provider:
+ description: "Provider of the Security Token Service."
+ enum:
+ - "aws"
+ type: "string"
+ required:
+ - "endpoint"
+ - "provider"
+ type: "object"
suspend:
description: "Suspend tells the controller to suspend the reconciliation of this\nBucket."
type: "boolean"
@@ -131,6 +147,11 @@ spec:
- "endpoint"
- "interval"
type: "object"
+ x-kubernetes-validations:
+ - message: "STS configuration is only supported for the 'aws' Bucket provider"
+ rule: "self.provider == 'aws' || !has(self.sts)"
+ - message: "'aws' is the only supported STS provider for the 'aws' Bucket provider"
+ rule: "self.provider != 'aws' || !has(self.sts) || self.sts.provider == 'aws'"
status:
default:
observedGeneration: -1
diff --git a/crd-catalog/jaegertracing/jaeger-operator/jaegertracing.io/v1/jaegers.yaml b/crd-catalog/jaegertracing/jaeger-operator/jaegertracing.io/v1/jaegers.yaml
index 4f69331f3..66eba91e5 100644
--- a/crd-catalog/jaegertracing/jaeger-operator/jaegertracing.io/v1/jaegers.yaml
+++ b/crd-catalog/jaegertracing/jaeger-operator/jaegertracing.io/v1/jaegers.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.12.0"
+ controller-gen.kubebuilder.io/version: "v0.14.0"
name: "jaegers.jaegertracing.io"
spec:
group: "jaegertracing.io"
diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml
index 4cfb7988d..6545461c9 100644
--- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml
+++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml
@@ -85,6 +85,10 @@ spec:
purgeMode:
default: "Graciously"
description: "PurgeMode represents how to deal with the legacy applications on the\ncluster from which the application is migrated.\nValid options are \"Immediately\", \"Graciously\" and \"Never\".\nDefaults to \"Graciously\"."
+ enum:
+ - "Immediately"
+ - "Graciously"
+ - "Never"
type: "string"
required:
- "decisionConditions"
@@ -486,6 +490,22 @@ spec:
default: "default-scheduler"
description: "SchedulerName represents which scheduler to proceed the scheduling.\nIf specified, the policy will be dispatched by specified scheduler.\nIf not specified, the policy will be dispatched by default scheduler."
type: "string"
+ suspension:
+ description: "Suspension declares the policy for suspending different aspects of propagation.\nnil means no suspension. no default values."
+ properties:
+ dispatching:
+ description: "Dispatching controls whether dispatching should be suspended.\nnil means not suspend, no default value, only accepts 'true'.\nNote: true means stop propagating to all clusters. Can not co-exist\nwith DispatchingOnClusters which is used to suspend particular clusters."
+ type: "boolean"
+ dispatchingOnClusters:
+ description: "DispatchingOnClusters declares a list of clusters to which the dispatching\nshould be suspended.\nNote: Can not co-exist with Dispatching which is used to suspend all."
+ properties:
+ clusterNames:
+ description: "ClusterNames is the list of clusters to be selected."
+ items:
+ type: "string"
+ type: "array"
+ type: "object"
+ type: "object"
required:
- "resourceSelectors"
type: "object"
diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml
index 9c69d3a68..8435a1334 100644
--- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml
+++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml
@@ -85,6 +85,10 @@ spec:
purgeMode:
default: "Graciously"
description: "PurgeMode represents how to deal with the legacy applications on the\ncluster from which the application is migrated.\nValid options are \"Immediately\", \"Graciously\" and \"Never\".\nDefaults to \"Graciously\"."
+ enum:
+ - "Immediately"
+ - "Graciously"
+ - "Never"
type: "string"
required:
- "decisionConditions"
@@ -486,6 +490,22 @@ spec:
default: "default-scheduler"
description: "SchedulerName represents which scheduler to proceed the scheduling.\nIf specified, the policy will be dispatched by specified scheduler.\nIf not specified, the policy will be dispatched by default scheduler."
type: "string"
+ suspension:
+ description: "Suspension declares the policy for suspending different aspects of propagation.\nnil means no suspension. no default values."
+ properties:
+ dispatching:
+ description: "Dispatching controls whether dispatching should be suspended.\nnil means not suspend, no default value, only accepts 'true'.\nNote: true means stop propagating to all clusters. Can not co-exist\nwith DispatchingOnClusters which is used to suspend particular clusters."
+ type: "boolean"
+ dispatchingOnClusters:
+ description: "DispatchingOnClusters declares a list of clusters to which the dispatching\nshould be suspended.\nNote: Can not co-exist with Dispatching which is used to suspend all."
+ properties:
+ clusterNames:
+ description: "ClusterNames is the list of clusters to be selected."
+ items:
+ type: "string"
+ type: "array"
+ type: "object"
+ type: "object"
required:
- "resourceSelectors"
type: "object"
diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml
index 9bdb0404d..99a382f33 100644
--- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml
+++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml
@@ -43,6 +43,9 @@ spec:
spec:
description: "Spec represents the desired behavior of Work."
properties:
+ suspendDispatching:
+ description: "SuspendDispatching controls whether dispatching should\nbe suspended, nil means not suspend.\nNote: true means stop propagating to all clusters."
+ type: "boolean"
workload:
description: "Workload represents the manifest workload to be deployed on managed cluster."
properties:
diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml
index d1f0db37b..151512b41 100644
--- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml
+++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml
@@ -88,6 +88,10 @@ spec:
purgeMode:
default: "Graciously"
description: "PurgeMode represents how to deal with the legacy applications on the\ncluster from which the application is migrated.\nValid options are \"Immediately\", \"Graciously\" and \"Never\".\nDefaults to \"Graciously\"."
+ enum:
+ - "Immediately"
+ - "Graciously"
+ - "Never"
type: "string"
required:
- "decisionConditions"
@@ -640,6 +644,22 @@ spec:
schedulerName:
description: "SchedulerName represents which scheduler to proceed the scheduling.\nIt inherits directly from the associated PropagationPolicy(or ClusterPropagationPolicy)."
type: "string"
+ suspension:
+ description: "Suspension declares the policy for suspending different aspects of propagation.\nnil means no suspension. no default values."
+ properties:
+ dispatching:
+ description: "Dispatching controls whether dispatching should be suspended.\nnil means not suspend, no default value, only accepts 'true'.\nNote: true means stop propagating to all clusters. Can not co-exist\nwith DispatchingOnClusters which is used to suspend particular clusters."
+ type: "boolean"
+ dispatchingOnClusters:
+ description: "DispatchingOnClusters declares a list of clusters to which the dispatching\nshould be suspended.\nNote: Can not co-exist with Dispatching which is used to suspend all."
+ properties:
+ clusterNames:
+ description: "ClusterNames is the list of clusters to be selected."
+ items:
+ type: "string"
+ type: "array"
+ type: "object"
+ type: "object"
required:
- "resource"
type: "object"
diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml
index 8072033fc..29d61ec7c 100644
--- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml
+++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml
@@ -88,6 +88,10 @@ spec:
purgeMode:
default: "Graciously"
description: "PurgeMode represents how to deal with the legacy applications on the\ncluster from which the application is migrated.\nValid options are \"Immediately\", \"Graciously\" and \"Never\".\nDefaults to \"Graciously\"."
+ enum:
+ - "Immediately"
+ - "Graciously"
+ - "Never"
type: "string"
required:
- "decisionConditions"
@@ -640,6 +644,22 @@ spec:
schedulerName:
description: "SchedulerName represents which scheduler to proceed the scheduling.\nIt inherits directly from the associated PropagationPolicy(or ClusterPropagationPolicy)."
type: "string"
+ suspension:
+ description: "Suspension declares the policy for suspending different aspects of propagation.\nnil means no suspension. no default values."
+ properties:
+ dispatching:
+ description: "Dispatching controls whether dispatching should be suspended.\nnil means not suspend, no default value, only accepts 'true'.\nNote: true means stop propagating to all clusters. Can not co-exist\nwith DispatchingOnClusters which is used to suspend particular clusters."
+ type: "boolean"
+ dispatchingOnClusters:
+ description: "DispatchingOnClusters declares a list of clusters to which the dispatching\nshould be suspended.\nNote: Can not co-exist with Dispatching which is used to suspend all."
+ properties:
+ clusterNames:
+ description: "ClusterNames is the list of clusters to be selected."
+ items:
+ type: "string"
+ type: "array"
+ type: "object"
+ type: "object"
required:
- "resource"
type: "object"
diff --git a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/clustertriggerauthentications.yaml b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/clustertriggerauthentications.yaml
index 74cf2e19f..da4e143c8 100644
--- a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/clustertriggerauthentications.yaml
+++ b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/clustertriggerauthentications.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.14.0"
+ controller-gen.kubebuilder.io/version: "v0.15.0"
name: "clustertriggerauthentications.keda.sh"
spec:
group: "keda.sh"
diff --git a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledjobs.yaml b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledjobs.yaml
index fbf67de3b..00c90978e 100644
--- a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledjobs.yaml
+++ b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledjobs.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.14.0"
+ controller-gen.kubebuilder.io/version: "v0.15.0"
name: "scaledjobs.keda.sh"
spec:
group: "keda.sh"
diff --git a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledobjects.yaml b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledobjects.yaml
index de7a9d9f7..bc4a5168a 100644
--- a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledobjects.yaml
+++ b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledobjects.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.14.0"
+ controller-gen.kubebuilder.io/version: "v0.15.0"
name: "scaledobjects.keda.sh"
spec:
group: "keda.sh"
diff --git a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/triggerauthentications.yaml b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/triggerauthentications.yaml
index 1e5e3483c..b0368126a 100644
--- a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/triggerauthentications.yaml
+++ b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/triggerauthentications.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.14.0"
+ controller-gen.kubebuilder.io/version: "v0.15.0"
name: "triggerauthentications.keda.sh"
spec:
group: "keda.sh"
diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusteroutputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusteroutputs.yaml
index 3e19bb90c..7c29fe282 100644
--- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusteroutputs.yaml
+++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusteroutputs.yaml
@@ -1881,6 +1881,177 @@ spec:
workers:
type: "integer"
type: "object"
+ opentelemetry:
+ properties:
+ auth:
+ properties:
+ adc:
+ type: "object"
+ alts:
+ properties:
+ target-service-accounts:
+ items:
+ type: "string"
+ type: "array"
+ type: "object"
+ insecure:
+ type: "object"
+ tls:
+ properties:
+ ca_file:
+ properties:
+ mountFrom:
+ properties:
+ secretKeyRef:
+ properties:
+ key:
+ type: "string"
+ name:
+ default: ""
+ type: "string"
+ optional:
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ value:
+ type: "string"
+ valueFrom:
+ properties:
+ secretKeyRef:
+ properties:
+ key:
+ type: "string"
+ name:
+ default: ""
+ type: "string"
+ optional:
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ type: "object"
+ cert_file:
+ properties:
+ mountFrom:
+ properties:
+ secretKeyRef:
+ properties:
+ key:
+ type: "string"
+ name:
+ default: ""
+ type: "string"
+ optional:
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ value:
+ type: "string"
+ valueFrom:
+ properties:
+ secretKeyRef:
+ properties:
+ key:
+ type: "string"
+ name:
+ default: ""
+ type: "string"
+ optional:
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ type: "object"
+ key_file:
+ properties:
+ mountFrom:
+ properties:
+ secretKeyRef:
+ properties:
+ key:
+ type: "string"
+ name:
+ default: ""
+ type: "string"
+ optional:
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ value:
+ type: "string"
+ valueFrom:
+ properties:
+ secretKeyRef:
+ properties:
+ key:
+ type: "string"
+ name:
+ default: ""
+ type: "string"
+ optional:
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ type: "object"
+ type: "object"
+ type: "object"
+ batch-bytes:
+ type: "integer"
+ batch-lines:
+ type: "integer"
+ batch-timeout:
+ type: "integer"
+ channel_args:
+ additionalProperties:
+ type: "string"
+ type: "object"
+ compression:
+ type: "boolean"
+ disk_buffer:
+ properties:
+ compaction:
+ type: "boolean"
+ dir:
+ type: "string"
+ disk_buf_size:
+ format: "int64"
+ type: "integer"
+ mem_buf_length:
+ format: "int64"
+ type: "integer"
+ mem_buf_size:
+ format: "int64"
+ type: "integer"
+ q_out_size:
+ format: "int64"
+ type: "integer"
+ reliable:
+ type: "boolean"
+ required:
+ - "disk_buf_size"
+ - "reliable"
+ type: "object"
+ url:
+ type: "string"
+ required:
+ - "url"
+ type: "object"
redis:
properties:
auth:
diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngoutputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngoutputs.yaml
index e37a6def2..a25e37458 100644
--- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngoutputs.yaml
+++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngoutputs.yaml
@@ -1877,6 +1877,177 @@ spec:
workers:
type: "integer"
type: "object"
+ opentelemetry:
+ properties:
+ auth:
+ properties:
+ adc:
+ type: "object"
+ alts:
+ properties:
+ target-service-accounts:
+ items:
+ type: "string"
+ type: "array"
+ type: "object"
+ insecure:
+ type: "object"
+ tls:
+ properties:
+ ca_file:
+ properties:
+ mountFrom:
+ properties:
+ secretKeyRef:
+ properties:
+ key:
+ type: "string"
+ name:
+ default: ""
+ type: "string"
+ optional:
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ value:
+ type: "string"
+ valueFrom:
+ properties:
+ secretKeyRef:
+ properties:
+ key:
+ type: "string"
+ name:
+ default: ""
+ type: "string"
+ optional:
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ type: "object"
+ cert_file:
+ properties:
+ mountFrom:
+ properties:
+ secretKeyRef:
+ properties:
+ key:
+ type: "string"
+ name:
+ default: ""
+ type: "string"
+ optional:
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ value:
+ type: "string"
+ valueFrom:
+ properties:
+ secretKeyRef:
+ properties:
+ key:
+ type: "string"
+ name:
+ default: ""
+ type: "string"
+ optional:
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ type: "object"
+ key_file:
+ properties:
+ mountFrom:
+ properties:
+ secretKeyRef:
+ properties:
+ key:
+ type: "string"
+ name:
+ default: ""
+ type: "string"
+ optional:
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ value:
+ type: "string"
+ valueFrom:
+ properties:
+ secretKeyRef:
+ properties:
+ key:
+ type: "string"
+ name:
+ default: ""
+ type: "string"
+ optional:
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ type: "object"
+ type: "object"
+ type: "object"
+ batch-bytes:
+ type: "integer"
+ batch-lines:
+ type: "integer"
+ batch-timeout:
+ type: "integer"
+ channel_args:
+ additionalProperties:
+ type: "string"
+ type: "object"
+ compression:
+ type: "boolean"
+ disk_buffer:
+ properties:
+ compaction:
+ type: "boolean"
+ dir:
+ type: "string"
+ disk_buf_size:
+ format: "int64"
+ type: "integer"
+ mem_buf_length:
+ format: "int64"
+ type: "integer"
+ mem_buf_size:
+ format: "int64"
+ type: "integer"
+ q_out_size:
+ format: "int64"
+ type: "integer"
+ reliable:
+ type: "boolean"
+ required:
+ - "disk_buf_size"
+ - "reliable"
+ type: "object"
+ url:
+ type: "string"
+ required:
+ - "url"
+ type: "object"
redis:
properties:
auth:
diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml
index 8ca8485ef..2fca2c871 100644
--- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml
+++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml
@@ -1021,14 +1021,14 @@ spec:
- message: "AbsoluteTimeout must be specified when cookie lifetimeType is Permanent"
rule: "!has(self.cookieConfig) || !has(self.cookieConfig.lifetimeType) || self.cookieConfig.lifetimeType != 'Permanent' || has(self.absoluteTimeout)"
timeouts:
- description: "Timeouts defines the timeouts that can be configured for an HTTP request.\n\n\nSupport: Extended\n\n\n"
+ description: "Timeouts defines the timeouts that can be configured for an HTTP request.\n\n\nSupport: Extended"
properties:
backendRequest:
- description: "BackendRequest specifies a timeout for an individual request from the gateway\nto a backend. This covers the time from when the request first starts being\nsent from the gateway to when the full response has been received from the backend.\n\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\n\nAn entire client HTTP transaction with a gateway, covered by the Request timeout,\nmay result in more than one call from the gateway to the destination backend,\nfor example, if automatic retries are supported.\n\n\nBecause the Request timeout encompasses the BackendRequest timeout, the value of\nBackendRequest must be <= the value of Request timeout.\n\n\nSupport: Extended"
+ description: "BackendRequest specifies a timeout for an individual request from the gateway\nto a backend. This covers the time from when the request first starts being\nsent from the gateway to when the full response has been received from the backend.\n\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\n\nAn entire client HTTP transaction with a gateway, covered by the Request timeout,\nmay result in more than one call from the gateway to the destination backend,\nfor example, if automatic retries are supported.\n\n\nThe value of BackendRequest must be a Gateway API Duration string as defined by\nGEP-2257. When this field is unspecified, its behavior is implementation-specific;\nwhen specified, the value of BackendRequest must be no more than the value of the\nRequest timeout (since the Request timeout encompasses the BackendRequest timeout).\n\n\nSupport: Extended"
pattern: "^([0-9]{1,5}(h|m|s|ms)){1,4}$"
type: "string"
request:
- description: "Request specifies the maximum duration for a gateway to respond to an HTTP request.\nIf the gateway has not been able to respond before this deadline is met, the gateway\nMUST return a timeout error.\n\n\nFor example, setting the `rules.timeouts.request` field to the value `10s` in an\n`HTTPRoute` will cause a timeout if a client request is taking longer than 10 seconds\nto complete.\n\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\n\nThis timeout is intended to cover as close to the whole request-response transaction\nas possible although an implementation MAY choose to start the timeout after the entire\nrequest stream has been received instead of immediately after the transaction is\ninitiated by the client.\n\n\nWhen this field is unspecified, request timeout behavior is implementation-specific.\n\n\nSupport: Extended"
+ description: "Request specifies the maximum duration for a gateway to respond to an HTTP request.\nIf the gateway has not been able to respond before this deadline is met, the gateway\nMUST return a timeout error.\n\n\nFor example, setting the `rules.timeouts.request` field to the value `10s` in an\n`HTTPRoute` will cause a timeout if a client request is taking longer than 10 seconds\nto complete.\n\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\n\nThis timeout is intended to cover as close to the whole request-response transaction\nas possible although an implementation MAY choose to start the timeout after the entire\nrequest stream has been received instead of immediately after the transaction is\ninitiated by the client.\n\n\nThe value of Request is a Gateway API Duration string as defined by GEP-2257. When this\nfield is unspecified, request timeout behavior is implementation-specific.\n\n\nSupport: Extended"
pattern: "^([0-9]{1,5}(h|m|s|ms)){1,4}$"
type: "string"
type: "object"
diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml
index 4463dd1e1..b0696bc3d 100644
--- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml
+++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml
@@ -1021,14 +1021,14 @@ spec:
- message: "AbsoluteTimeout must be specified when cookie lifetimeType is Permanent"
rule: "!has(self.cookieConfig) || !has(self.cookieConfig.lifetimeType) || self.cookieConfig.lifetimeType != 'Permanent' || has(self.absoluteTimeout)"
timeouts:
- description: "Timeouts defines the timeouts that can be configured for an HTTP request.\n\n\nSupport: Extended\n\n\n"
+ description: "Timeouts defines the timeouts that can be configured for an HTTP request.\n\n\nSupport: Extended"
properties:
backendRequest:
- description: "BackendRequest specifies a timeout for an individual request from the gateway\nto a backend. This covers the time from when the request first starts being\nsent from the gateway to when the full response has been received from the backend.\n\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\n\nAn entire client HTTP transaction with a gateway, covered by the Request timeout,\nmay result in more than one call from the gateway to the destination backend,\nfor example, if automatic retries are supported.\n\n\nBecause the Request timeout encompasses the BackendRequest timeout, the value of\nBackendRequest must be <= the value of Request timeout.\n\n\nSupport: Extended"
+ description: "BackendRequest specifies a timeout for an individual request from the gateway\nto a backend. This covers the time from when the request first starts being\nsent from the gateway to when the full response has been received from the backend.\n\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\n\nAn entire client HTTP transaction with a gateway, covered by the Request timeout,\nmay result in more than one call from the gateway to the destination backend,\nfor example, if automatic retries are supported.\n\n\nThe value of BackendRequest must be a Gateway API Duration string as defined by\nGEP-2257. When this field is unspecified, its behavior is implementation-specific;\nwhen specified, the value of BackendRequest must be no more than the value of the\nRequest timeout (since the Request timeout encompasses the BackendRequest timeout).\n\n\nSupport: Extended"
pattern: "^([0-9]{1,5}(h|m|s|ms)){1,4}$"
type: "string"
request:
- description: "Request specifies the maximum duration for a gateway to respond to an HTTP request.\nIf the gateway has not been able to respond before this deadline is met, the gateway\nMUST return a timeout error.\n\n\nFor example, setting the `rules.timeouts.request` field to the value `10s` in an\n`HTTPRoute` will cause a timeout if a client request is taking longer than 10 seconds\nto complete.\n\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\n\nThis timeout is intended to cover as close to the whole request-response transaction\nas possible although an implementation MAY choose to start the timeout after the entire\nrequest stream has been received instead of immediately after the transaction is\ninitiated by the client.\n\n\nWhen this field is unspecified, request timeout behavior is implementation-specific.\n\n\nSupport: Extended"
+ description: "Request specifies the maximum duration for a gateway to respond to an HTTP request.\nIf the gateway has not been able to respond before this deadline is met, the gateway\nMUST return a timeout error.\n\n\nFor example, setting the `rules.timeouts.request` field to the value `10s` in an\n`HTTPRoute` will cause a timeout if a client request is taking longer than 10 seconds\nto complete.\n\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\n\nThis timeout is intended to cover as close to the whole request-response transaction\nas possible although an implementation MAY choose to start the timeout after the entire\nrequest stream has been received instead of immediately after the transaction is\ninitiated by the client.\n\n\nThe value of Request is a Gateway API Duration string as defined by GEP-2257. When this\nfield is unspecified, request timeout behavior is implementation-specific.\n\n\nSupport: Extended"
pattern: "^([0-9]{1,5}(h|m|s|ms)){1,4}$"
type: "string"
type: "object"
diff --git a/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml b/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml
index 6418efd2b..d64cae298 100644
--- a/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml
+++ b/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml
@@ -182,6 +182,9 @@ spec:
description: "Specifies the desired number of successfully finished pods the\njob should be run with. Setting to null means that the success of any\npod signals the success of all pods, and allows parallelism to have any positive\nvalue. Setting to 1 means that parallelism is limited to 1 and the success of that\npod signals the success of the job.\nMore info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/"
format: "int32"
type: "integer"
+ managedBy:
+ description: "ManagedBy field indicates the controller that manages a Job. The k8s Job\ncontroller reconciles jobs which don't have this field at all or the field\nvalue is the reserved string `kubernetes.io/job-controller`, but skips\nreconciling Jobs with a custom value for this field.\nThe value must be a valid domain-prefixed path (e.g. acme.io/foo) -\nall characters before the first \"/\" must be a valid subdomain as defined\nby RFC 1123. All characters trailing the first \"/\" must be valid HTTP Path\ncharacters as defined by RFC 3986. The value cannot exceed 64 characters.\n\n\nThis field is alpha-level. The job controller accepts setting the field\nwhen the feature gate JobManagedBy is enabled (disabled by default)."
+ type: "string"
manualSelector:
description: "manualSelector controls generation of pod labels and pod selectors.\nLeave `manualSelector` unset unless you are certain what you are doing.\nWhen false or unset, the system pick labels unique to this job\nand appends those labels to the pod template. When true,\nthe user is responsible for picking unique labels and specifying\nthe selector. Failure to pick a unique label may cause this\nand other jobs to not function correctly. However, You may see\n`manualSelector=true` in jobs that were created with the old `extensions/v1beta1`\nAPI.\nMore info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#specifying-your-own-pod-selector"
type: "boolean"
@@ -271,11 +274,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
@@ -283,6 +288,27 @@ spec:
type: "object"
type: "object"
x-kubernetes-map-type: "atomic"
+ successPolicy:
+ description: "successPolicy specifies the policy when the Job can be declared as succeeded.\nIf empty, the default behavior applies - the Job is declared as succeeded\nonly when the number of succeeded pods equals to the completions.\nWhen the field is specified, it must be immutable and works only for the Indexed Jobs.\nOnce the Job meets the SuccessPolicy, the lingering pods are terminated.\n\n\nThis field is alpha-level. To use this field, you must enable the\n`JobSuccessPolicy` feature gate (disabled by default)."
+ properties:
+ rules:
+ description: "rules represents the list of alternative rules for the declaring the Jobs\nas successful before `.status.succeeded >= .spec.completions`. Once any of the rules are met,\nthe \"SucceededCriteriaMet\" condition is added, and the lingering pods are removed.\nThe terminal state for such a Job has the \"Complete\" condition.\nAdditionally, these rules are evaluated in order; Once the Job meets one of the rules,\nother rules are ignored. At most 20 elements are allowed."
+ items:
+ description: "SuccessPolicyRule describes rule for declaring a Job as succeeded.\nEach rule must have at least one of the \"succeededIndexes\" or \"succeededCount\" specified."
+ properties:
+ succeededCount:
+ description: "succeededCount specifies the minimal required size of the actual set of the succeeded indexes\nfor the Job. When succeededCount is used along with succeededIndexes, the check is\nconstrained only to the set of indexes specified by succeededIndexes.\nFor example, given that succeededIndexes is \"1-4\", succeededCount is \"3\",\nand completed indexes are \"1\", \"3\", and \"5\", the Job isn't declared as succeeded\nbecause only \"1\" and \"3\" indexes are considered in that rules.\nWhen this field is null, this doesn't default to any value and\nis never evaluated at any time.\nWhen specified it needs to be a positive integer."
+ format: "int32"
+ type: "integer"
+ succeededIndexes:
+ description: "succeededIndexes specifies the set of indexes\nwhich need to be contained in the actual set of the succeeded indexes for the Job.\nThe list of indexes must be within 0 to \".spec.completions-1\" and\nmust not contain duplicates. At least one element is required.\nThe indexes are represented as intervals separated by commas.\nThe intervals can be a decimal integer or a pair of decimal integers separated by a hyphen.\nThe number are listed in represented by the first and last element of the series,\nseparated by a hyphen.\nFor example, if the completed indexes are 1, 3, 4, 5 and 7, they are\nrepresented as \"1,3-5,7\".\nWhen this field is null, this field doesn't default to any value\nand is never evaluated at any time."
+ type: "string"
+ type: "object"
+ type: "array"
+ x-kubernetes-list-type: "atomic"
+ required:
+ - "rules"
+ type: "object"
suspend:
description: "suspend specifies whether the Job controller should create Pods or not. If\na Job is created with suspend set to true, no Pods are created by the Job\ncontroller. If a Job is suspended after creation (i.e. the flag goes from\nfalse to true), the Job controller will delete all active Pods associated\nwith this Job. Users must design their workload to gracefully handle this.\nSuspending a Job will reset the StartTime field of the Job, effectively\nresetting the ActiveDeadlineSeconds timer too. Defaults to false."
type: "boolean"
@@ -346,11 +372,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchFields:
description: "A list of node selector requirements by node's fields."
items:
@@ -367,11 +395,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
x-kubernetes-map-type: "atomic"
weight:
@@ -383,6 +413,7 @@ spec:
- "weight"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
requiredDuringSchedulingIgnoredDuringExecution:
description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node."
properties:
@@ -407,11 +438,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchFields:
description: "A list of node selector requirements by node's fields."
items:
@@ -428,14 +461,17 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
x-kubernetes-map-type: "atomic"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "nodeSelectorTerms"
type: "object"
@@ -471,11 +507,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
@@ -484,13 +522,13 @@ spec:
type: "object"
x-kubernetes-map-type: "atomic"
matchLabelKeys:
- description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
items:
type: "string"
type: "array"
x-kubernetes-list-type: "atomic"
mismatchLabelKeys:
- description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
items:
type: "string"
type: "array"
@@ -514,11 +552,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
@@ -531,6 +571,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
topologyKey:
description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
type: "string"
@@ -546,6 +587,7 @@ spec:
- "weight"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
requiredDuringSchedulingIgnoredDuringExecution:
description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
items:
@@ -570,11 +612,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
@@ -583,13 +627,13 @@ spec:
type: "object"
x-kubernetes-map-type: "atomic"
matchLabelKeys:
- description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
items:
type: "string"
type: "array"
x-kubernetes-list-type: "atomic"
mismatchLabelKeys:
- description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
items:
type: "string"
type: "array"
@@ -613,11 +657,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
@@ -630,6 +676,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
topologyKey:
description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
type: "string"
@@ -637,6 +684,7 @@ spec:
- "topologyKey"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
podAntiAffinity:
description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))."
@@ -668,11 +716,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
@@ -681,13 +731,13 @@ spec:
type: "object"
x-kubernetes-map-type: "atomic"
matchLabelKeys:
- description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
items:
type: "string"
type: "array"
x-kubernetes-list-type: "atomic"
mismatchLabelKeys:
- description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
items:
type: "string"
type: "array"
@@ -711,11 +761,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
@@ -728,6 +780,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
topologyKey:
description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
type: "string"
@@ -743,6 +796,7 @@ spec:
- "weight"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
requiredDuringSchedulingIgnoredDuringExecution:
description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
items:
@@ -767,11 +821,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
@@ -780,13 +836,13 @@ spec:
type: "object"
x-kubernetes-map-type: "atomic"
matchLabelKeys:
- description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
items:
type: "string"
type: "array"
x-kubernetes-list-type: "atomic"
mismatchLabelKeys:
- description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
+ description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate."
items:
type: "string"
type: "array"
@@ -810,11 +866,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
@@ -827,6 +885,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
topologyKey:
description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
type: "string"
@@ -834,6 +893,7 @@ spec:
- "topologyKey"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
type: "object"
automountServiceAccountToken:
@@ -849,11 +909,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
command:
description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
env:
description: "List of environment variables to set in the container.\nCannot be updated."
items:
@@ -875,7 +937,8 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -924,7 +987,8 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -938,6 +1002,9 @@ spec:
- "name"
type: "object"
type: "array"
+ x-kubernetes-list-map-keys:
+ - "name"
+ x-kubernetes-list-type: "map"
envFrom:
description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
items:
@@ -947,7 +1014,8 @@ spec:
description: "The ConfigMap to select from"
properties:
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "Specify whether the ConfigMap must be defined"
@@ -961,7 +1029,8 @@ spec:
description: "The Secret to select from"
properties:
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "Specify whether the Secret must be defined"
@@ -970,6 +1039,7 @@ spec:
x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
image:
description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets."
type: "string"
@@ -990,6 +1060,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
httpGet:
description: "HTTPGet specifies the http request to perform."
@@ -1013,6 +1084,7 @@ spec:
- "value"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
path:
description: "Path to access on the HTTP server."
type: "string"
@@ -1065,6 +1137,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
httpGet:
description: "HTTPGet specifies the http request to perform."
@@ -1088,6 +1161,7 @@ spec:
- "value"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
path:
description: "Path to access on the HTTP server."
type: "string"
@@ -1141,6 +1215,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
failureThreshold:
description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
@@ -1181,6 +1256,7 @@ spec:
- "value"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
path:
description: "Path to access on the HTTP server."
type: "string"
@@ -1277,6 +1353,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
failureThreshold:
description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
@@ -1317,6 +1394,7 @@ spec:
- "value"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
path:
description: "Path to access on the HTTP server."
type: "string"
@@ -1431,6 +1509,18 @@ spec:
allowPrivilegeEscalation:
description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
+ appArmorProfile:
+ description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows."
+ properties:
+ localhostProfile:
+ description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"."
+ type: "string"
+ type:
+ description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement."
+ type: "string"
+ required:
+ - "type"
+ type: "object"
capabilities:
description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
properties:
@@ -1440,12 +1530,14 @@ spec:
description: "Capability represent POSIX capabilities type"
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
drop:
description: "Removed capabilities"
items:
description: "Capability represent POSIX capabilities type"
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
privileged:
description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
@@ -1523,6 +1615,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
failureThreshold:
description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
@@ -1563,6 +1656,7 @@ spec:
- "value"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
path:
description: "Path to access on the HTTP server."
type: "string"
@@ -1645,6 +1739,9 @@ spec:
- "name"
type: "object"
type: "array"
+ x-kubernetes-list-map-keys:
+ - "devicePath"
+ x-kubernetes-list-type: "map"
volumeMounts:
description: "Pod volumes to mount into the container's filesystem.\nCannot be updated."
items:
@@ -1654,7 +1751,7 @@ spec:
description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'."
type: "string"
mountPropagation:
- description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10."
+ description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)."
type: "string"
name:
description: "This must match the Name of a Volume."
@@ -1662,6 +1759,9 @@ spec:
readOnly:
description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
type: "boolean"
+ recursiveReadOnly:
+ description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled."
+ type: "string"
subPath:
description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
type: "string"
@@ -1673,6 +1773,9 @@ spec:
- "name"
type: "object"
type: "array"
+ x-kubernetes-list-map-keys:
+ - "mountPath"
+ x-kubernetes-list-type: "map"
workingDir:
description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated."
type: "string"
@@ -1680,6 +1783,9 @@ spec:
- "name"
type: "object"
type: "array"
+ x-kubernetes-list-map-keys:
+ - "name"
+ x-kubernetes-list-type: "map"
dnsConfig:
description: "Specifies the DNS parameters of a pod.\nParameters specified here will be merged to the generated DNS\nconfiguration based on DNSPolicy."
properties:
@@ -1688,6 +1794,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
options:
description: "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nDuplicated entries will be removed. Resolution options given in Options\nwill override those that appear in the base DNSPolicy."
items:
@@ -1700,11 +1807,13 @@ spec:
type: "string"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
searches:
description: "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.\nDuplicated search paths will be removed."
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
dnsPolicy:
description: "Set DNS policy for the pod.\nDefaults to \"ClusterFirst\".\nValid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'.\nDNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy.\nTo have DNS options set along with hostNetwork, you have to specify DNS policy\nexplicitly to 'ClusterFirstWithHostNet'."
@@ -1722,11 +1831,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
command:
description: "Entrypoint array. Not executed within a shell.\nThe image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
env:
description: "List of environment variables to set in the container.\nCannot be updated."
items:
@@ -1748,7 +1859,8 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -1797,7 +1909,8 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -1811,6 +1924,9 @@ spec:
- "name"
type: "object"
type: "array"
+ x-kubernetes-list-map-keys:
+ - "name"
+ x-kubernetes-list-type: "map"
envFrom:
description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
items:
@@ -1820,7 +1936,8 @@ spec:
description: "The ConfigMap to select from"
properties:
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "Specify whether the ConfigMap must be defined"
@@ -1834,7 +1951,8 @@ spec:
description: "The Secret to select from"
properties:
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "Specify whether the Secret must be defined"
@@ -1843,6 +1961,7 @@ spec:
x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
image:
description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images"
type: "string"
@@ -1863,6 +1982,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
httpGet:
description: "HTTPGet specifies the http request to perform."
@@ -1886,6 +2006,7 @@ spec:
- "value"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
path:
description: "Path to access on the HTTP server."
type: "string"
@@ -1938,6 +2059,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
httpGet:
description: "HTTPGet specifies the http request to perform."
@@ -1961,6 +2083,7 @@ spec:
- "value"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
path:
description: "Path to access on the HTTP server."
type: "string"
@@ -2014,6 +2137,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
failureThreshold:
description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
@@ -2054,6 +2178,7 @@ spec:
- "value"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
path:
description: "Path to access on the HTTP server."
type: "string"
@@ -2150,6 +2275,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
failureThreshold:
description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
@@ -2190,6 +2316,7 @@ spec:
- "value"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
path:
description: "Path to access on the HTTP server."
type: "string"
@@ -2304,6 +2431,18 @@ spec:
allowPrivilegeEscalation:
description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
+ appArmorProfile:
+ description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows."
+ properties:
+ localhostProfile:
+ description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"."
+ type: "string"
+ type:
+ description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement."
+ type: "string"
+ required:
+ - "type"
+ type: "object"
capabilities:
description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
properties:
@@ -2313,12 +2452,14 @@ spec:
description: "Capability represent POSIX capabilities type"
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
drop:
description: "Removed capabilities"
items:
description: "Capability represent POSIX capabilities type"
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
privileged:
description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
@@ -2396,6 +2537,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
failureThreshold:
description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
@@ -2436,6 +2578,7 @@ spec:
- "value"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
path:
description: "Path to access on the HTTP server."
type: "string"
@@ -2521,6 +2664,9 @@ spec:
- "name"
type: "object"
type: "array"
+ x-kubernetes-list-map-keys:
+ - "devicePath"
+ x-kubernetes-list-type: "map"
volumeMounts:
description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.\nCannot be updated."
items:
@@ -2530,7 +2676,7 @@ spec:
description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'."
type: "string"
mountPropagation:
- description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10."
+ description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)."
type: "string"
name:
description: "This must match the Name of a Volume."
@@ -2538,6 +2684,9 @@ spec:
readOnly:
description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
type: "boolean"
+ recursiveReadOnly:
+ description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled."
+ type: "string"
subPath:
description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
type: "string"
@@ -2549,6 +2698,9 @@ spec:
- "name"
type: "object"
type: "array"
+ x-kubernetes-list-map-keys:
+ - "mountPath"
+ x-kubernetes-list-type: "map"
workingDir:
description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated."
type: "string"
@@ -2556,8 +2708,11 @@ spec:
- "name"
type: "object"
type: "array"
+ x-kubernetes-list-map-keys:
+ - "name"
+ x-kubernetes-list-type: "map"
hostAliases:
- description: "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts\nfile if specified. This is only valid for non-hostNetwork pods."
+ description: "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts\nfile if specified."
items:
description: "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the\npod's hosts file."
properties:
@@ -2566,11 +2721,17 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
ip:
description: "IP address of the host file entry."
type: "string"
+ required:
+ - "ip"
type: "object"
type: "array"
+ x-kubernetes-list-map-keys:
+ - "ip"
+ x-kubernetes-list-type: "map"
hostIPC:
description: "Use the host's ipc namespace.\nOptional: Default to false."
type: "boolean"
@@ -2592,11 +2753,15 @@ spec:
description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace."
properties:
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
type: "array"
+ x-kubernetes-list-map-keys:
+ - "name"
+ x-kubernetes-list-type: "map"
initContainers:
description: "List of initialization containers belonging to the pod.\nInit containers are executed in order prior to containers being started. If any\ninit container fails, the pod is considered to have failed and is handled according\nto its restartPolicy. The name for an init container or normal container must be\nunique among all containers.\nInit containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.\nThe resourceRequirements of an init container are taken into account during scheduling\nby finding the highest request/limit for each resource type, and then using the max of\nof that value or the sum of the normal containers. Limits are applied to init containers\nin a similar fashion.\nInit containers cannot currently be added or removed.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/"
items:
@@ -2607,11 +2772,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
command:
description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
env:
description: "List of environment variables to set in the container.\nCannot be updated."
items:
@@ -2633,7 +2800,8 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -2682,7 +2850,8 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -2696,6 +2865,9 @@ spec:
- "name"
type: "object"
type: "array"
+ x-kubernetes-list-map-keys:
+ - "name"
+ x-kubernetes-list-type: "map"
envFrom:
description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
items:
@@ -2705,7 +2877,8 @@ spec:
description: "The ConfigMap to select from"
properties:
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "Specify whether the ConfigMap must be defined"
@@ -2719,7 +2892,8 @@ spec:
description: "The Secret to select from"
properties:
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "Specify whether the Secret must be defined"
@@ -2728,6 +2902,7 @@ spec:
x-kubernetes-map-type: "atomic"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
image:
description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets."
type: "string"
@@ -2748,6 +2923,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
httpGet:
description: "HTTPGet specifies the http request to perform."
@@ -2771,6 +2947,7 @@ spec:
- "value"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
path:
description: "Path to access on the HTTP server."
type: "string"
@@ -2823,6 +3000,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
httpGet:
description: "HTTPGet specifies the http request to perform."
@@ -2846,6 +3024,7 @@ spec:
- "value"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
path:
description: "Path to access on the HTTP server."
type: "string"
@@ -2899,6 +3078,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
failureThreshold:
description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
@@ -2939,6 +3119,7 @@ spec:
- "value"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
path:
description: "Path to access on the HTTP server."
type: "string"
@@ -3035,6 +3216,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
failureThreshold:
description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
@@ -3075,6 +3257,7 @@ spec:
- "value"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
path:
description: "Path to access on the HTTP server."
type: "string"
@@ -3189,6 +3372,18 @@ spec:
allowPrivilegeEscalation:
description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
type: "boolean"
+ appArmorProfile:
+ description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows."
+ properties:
+ localhostProfile:
+ description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"."
+ type: "string"
+ type:
+ description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement."
+ type: "string"
+ required:
+ - "type"
+ type: "object"
capabilities:
description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
properties:
@@ -3198,12 +3393,14 @@ spec:
description: "Capability represent POSIX capabilities type"
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
drop:
description: "Removed capabilities"
items:
description: "Capability represent POSIX capabilities type"
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
privileged:
description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
@@ -3281,6 +3478,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
failureThreshold:
description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
@@ -3321,6 +3519,7 @@ spec:
- "value"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
path:
description: "Path to access on the HTTP server."
type: "string"
@@ -3403,6 +3602,9 @@ spec:
- "name"
type: "object"
type: "array"
+ x-kubernetes-list-map-keys:
+ - "devicePath"
+ x-kubernetes-list-type: "map"
volumeMounts:
description: "Pod volumes to mount into the container's filesystem.\nCannot be updated."
items:
@@ -3412,7 +3614,7 @@ spec:
description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'."
type: "string"
mountPropagation:
- description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10."
+ description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)."
type: "string"
name:
description: "This must match the Name of a Volume."
@@ -3420,6 +3622,9 @@ spec:
readOnly:
description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
type: "boolean"
+ recursiveReadOnly:
+ description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled."
+ type: "string"
subPath:
description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
type: "string"
@@ -3431,6 +3636,9 @@ spec:
- "name"
type: "object"
type: "array"
+ x-kubernetes-list-map-keys:
+ - "mountPath"
+ x-kubernetes-list-type: "map"
workingDir:
description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated."
type: "string"
@@ -3438,6 +3646,9 @@ spec:
- "name"
type: "object"
type: "array"
+ x-kubernetes-list-map-keys:
+ - "name"
+ x-kubernetes-list-type: "map"
nodeName:
description: "NodeName is a request to schedule this pod onto a specific node. If it is non-empty,\nthe scheduler simply schedules this pod onto that node, assuming that it fits resource\nrequirements."
type: "string"
@@ -3448,7 +3659,7 @@ spec:
type: "object"
x-kubernetes-map-type: "atomic"
os:
- description: "Specifies the OS of the containers in the pod.\nSome pod and container fields are restricted if this is set.\n\n\nIf the OS field is set to linux, the following fields must be unset:\n-securityContext.windowsOptions\n\n\nIf the OS field is set to windows, following fields must be unset:\n- spec.hostPID\n- spec.hostIPC\n- spec.hostUsers\n- spec.securityContext.seLinuxOptions\n- spec.securityContext.seccompProfile\n- spec.securityContext.fsGroup\n- spec.securityContext.fsGroupChangePolicy\n- spec.securityContext.sysctls\n- spec.shareProcessNamespace\n- spec.securityContext.runAsUser\n- spec.securityContext.runAsGroup\n- spec.securityContext.supplementalGroups\n- spec.containers[*].securityContext.seLinuxOptions\n- spec.containers[*].securityContext.seccompProfile\n- spec.containers[*].securityContext.capabilities\n- spec.containers[*].securityContext.readOnlyRootFilesystem\n- spec.containers[*].securityContext.privileged\n- spec.containers[*].securityContext.allowPrivilegeEscalation\n- spec.containers[*].securityContext.procMount\n- spec.containers[*].securityContext.runAsUser\n- spec.containers[*].securityContext.runAsGroup"
+ description: "Specifies the OS of the containers in the pod.\nSome pod and container fields are restricted if this is set.\n\n\nIf the OS field is set to linux, the following fields must be unset:\n-securityContext.windowsOptions\n\n\nIf the OS field is set to windows, following fields must be unset:\n- spec.hostPID\n- spec.hostIPC\n- spec.hostUsers\n- spec.securityContext.appArmorProfile\n- spec.securityContext.seLinuxOptions\n- spec.securityContext.seccompProfile\n- spec.securityContext.fsGroup\n- spec.securityContext.fsGroupChangePolicy\n- spec.securityContext.sysctls\n- spec.shareProcessNamespace\n- spec.securityContext.runAsUser\n- spec.securityContext.runAsGroup\n- spec.securityContext.supplementalGroups\n- spec.containers[*].securityContext.appArmorProfile\n- spec.containers[*].securityContext.seLinuxOptions\n- spec.containers[*].securityContext.seccompProfile\n- spec.containers[*].securityContext.capabilities\n- spec.containers[*].securityContext.readOnlyRootFilesystem\n- spec.containers[*].securityContext.privileged\n- spec.containers[*].securityContext.allowPrivilegeEscalation\n- spec.containers[*].securityContext.procMount\n- spec.containers[*].securityContext.runAsUser\n- spec.containers[*].securityContext.runAsGroup"
properties:
name:
description: "Name is the name of the operating system. The currently supported values are linux and windows.\nAdditional value may be defined in future and can be one of:\nhttps://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration\nClients should expect to handle additional values and treat unrecognized values in this field as os: null"
@@ -3487,6 +3698,7 @@ spec:
- "conditionType"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
resourceClaims:
description: "ResourceClaims defines which ResourceClaims must be allocated\nand reserved before the Pod is allowed to start. The resources\nwill be made available to those containers which consume them\nby name.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable."
items:
@@ -3522,7 +3734,7 @@ spec:
description: "If specified, the pod will be dispatched by specified scheduler.\nIf not specified, the pod will be dispatched by default scheduler."
type: "string"
schedulingGates:
- description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod.\nIf schedulingGates is not empty, the pod will stay in the SchedulingGated state and the\nscheduler will not attempt to schedule the pod.\n\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards.\n\n\nThis is a beta feature enabled by the PodSchedulingReadiness feature gate."
+ description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod.\nIf schedulingGates is not empty, the pod will stay in the SchedulingGated state and the\nscheduler will not attempt to schedule the pod.\n\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards."
items:
description: "PodSchedulingGate is associated to a Pod to guard its scheduling."
properties:
@@ -3539,6 +3751,18 @@ spec:
securityContext:
description: "SecurityContext holds pod-level security attributes and common container settings.\nOptional: Defaults to empty. See type description for default values of each field."
properties:
+ appArmorProfile:
+ description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows."
+ properties:
+ localhostProfile:
+ description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"."
+ type: "string"
+ type:
+ description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement."
+ type: "string"
+ required:
+ - "type"
+ type: "object"
fsGroup:
description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows."
format: "int64"
@@ -3591,6 +3815,7 @@ spec:
format: "int64"
type: "integer"
type: "array"
+ x-kubernetes-list-type: "atomic"
sysctls:
description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows."
items:
@@ -3607,6 +3832,7 @@ spec:
- "value"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
windowsOptions:
description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
properties:
@@ -3625,7 +3851,7 @@ spec:
type: "object"
type: "object"
serviceAccount:
- description: "DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.\nDeprecated: Use serviceAccountName instead."
+ description: "DeprecatedServiceAccount is a deprecated alias for ServiceAccountName.\nDeprecated: Use serviceAccountName instead."
type: "string"
serviceAccountName:
description: "ServiceAccountName is the name of the ServiceAccount to use to run this pod.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/"
@@ -3666,6 +3892,7 @@ spec:
type: "string"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
topologySpreadConstraints:
description: "TopologySpreadConstraints describes how a group of pods ought to spread across topology\ndomains. Scheduler will schedule pods in a way which abides by the constraints.\nAll topologySpreadConstraints are ANDed."
items:
@@ -3690,11 +3917,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
@@ -3713,7 +3942,7 @@ spec:
format: "int32"
type: "integer"
minDomains:
- description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
+ description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew."
format: "int32"
type: "integer"
nodeAffinityPolicy:
@@ -3811,6 +4040,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
path:
description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /"
type: "string"
@@ -3824,7 +4054,8 @@ spec:
description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
properties:
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -3847,7 +4078,8 @@ spec:
description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack."
properties:
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -3884,8 +4116,10 @@ spec:
- "path"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "optional specify whether the ConfigMap or its keys must be defined"
@@ -3905,7 +4139,8 @@ spec:
description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed."
properties:
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -3933,7 +4168,7 @@ spec:
description: "DownwardAPIVolumeFile represents information to create the file containing the pod field"
properties:
fieldRef:
- description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported."
+ description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported."
properties:
apiVersion:
description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
@@ -3976,6 +4211,7 @@ spec:
- "path"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
emptyDir:
description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
@@ -4025,6 +4261,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
dataSource:
description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource."
properties:
@@ -4102,11 +4339,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
@@ -4118,7 +4357,7 @@ spec:
description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
type: "string"
volumeAttributesClassName:
- description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
+ description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled."
type: "string"
volumeMode:
description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
@@ -4149,11 +4388,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
wwids:
description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously."
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
flexVolume:
description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin."
@@ -4176,7 +4417,8 @@ spec:
description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts."
properties:
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -4285,6 +4527,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
readOnly:
description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false."
type: "boolean"
@@ -4292,7 +4535,8 @@ spec:
description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication"
properties:
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -4396,11 +4640,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
@@ -4446,8 +4692,10 @@ spec:
- "path"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "optional specify whether the ConfigMap or its keys must be defined"
@@ -4463,7 +4711,7 @@ spec:
description: "DownwardAPIVolumeFile represents information to create the file containing the pod field"
properties:
fieldRef:
- description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported."
+ description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported."
properties:
apiVersion:
description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
@@ -4506,6 +4754,7 @@ spec:
- "path"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
secret:
description: "secret information about the secret data to project"
@@ -4530,8 +4779,10 @@ spec:
- "path"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "optional field specify whether the Secret or its key must be defined"
@@ -4556,6 +4807,7 @@ spec:
type: "object"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
type: "object"
quobyte:
description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime"
@@ -4599,6 +4851,7 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
pool:
description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
type: "string"
@@ -4609,7 +4862,8 @@ spec:
description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
properties:
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -4639,7 +4893,8 @@ spec:
description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail."
properties:
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -4690,6 +4945,7 @@ spec:
- "path"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
optional:
description: "optional field specify whether the Secret or its keys must be defined"
type: "boolean"
@@ -4710,7 +4966,8 @@ spec:
description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted."
properties:
name:
- description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -4743,6 +5000,9 @@ spec:
- "name"
type: "object"
type: "array"
+ x-kubernetes-list-map-keys:
+ - "name"
+ x-kubernetes-list-type: "map"
required:
- "containers"
type: "object"
diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v1/clusterpolicies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v1/clusterpolicies.yaml
index a5c17e14d..429b158f6 100644
--- a/crd-catalog/kyverno/kyverno/kyverno.io/v1/clusterpolicies.yaml
+++ b/crd-catalog/kyverno/kyverno/kyverno.io/v1/clusterpolicies.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.15.0"
+ controller-gen.kubebuilder.io/version: "(devel)"
name: "clusterpolicies.kyverno.io"
spec:
group: "kyverno.io"
@@ -24,9 +24,6 @@ spec:
- jsonPath: ".spec.background"
name: "BACKGROUND"
type: "boolean"
- - jsonPath: ".spec.validationFailureAction"
- name: "VALIDATE ACTION"
- type: "string"
- jsonPath: ".status.conditions[?(@.type == \"Ready\")].status"
name: "READY"
type: "string"
@@ -2262,10 +2259,8 @@ spec:
type: "string"
type: "object"
validationFailureAction:
- description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (enforce), or allow (audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are audit or enforce."
+ description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (Enforce), or allow (Audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are Audit or Enforce."
enum:
- - "audit"
- - "enforce"
- "Audit"
- "Enforce"
type: "string"
@@ -2821,6 +2816,12 @@ spec:
default: true
description: "UseCache enables caching of image verify responses for this rule."
type: "boolean"
+ validationFailureAction:
+ description: "Allowed values are Audit or Enforce."
+ enum:
+ - "Audit"
+ - "Enforce"
+ type: "string"
verifyDigest:
default: true
description: "VerifyDigest validates that images have a digest."
@@ -5099,10 +5100,8 @@ spec:
type: "string"
type: "object"
validationFailureAction:
- description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (enforce), or allow (audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are audit or enforce."
+ description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (Enforce), or allow (Audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are Audit or Enforce."
enum:
- - "audit"
- - "enforce"
- "Audit"
- "Enforce"
type: "string"
@@ -5658,6 +5657,12 @@ spec:
default: true
description: "UseCache enables caching of image verify responses for this rule."
type: "boolean"
+ validationFailureAction:
+ description: "Allowed values are Audit or Enforce."
+ enum:
+ - "Audit"
+ - "Enforce"
+ type: "string"
verifyDigest:
default: true
description: "VerifyDigest validates that images have a digest."
diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v1/policies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v1/policies.yaml
index 58e556ffc..c542f9b21 100644
--- a/crd-catalog/kyverno/kyverno/kyverno.io/v1/policies.yaml
+++ b/crd-catalog/kyverno/kyverno/kyverno.io/v1/policies.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.15.0"
+ controller-gen.kubebuilder.io/version: "(devel)"
name: "policies.kyverno.io"
spec:
group: "kyverno.io"
@@ -24,9 +24,6 @@ spec:
- jsonPath: ".spec.background"
name: "BACKGROUND"
type: "boolean"
- - jsonPath: ".spec.validationFailureAction"
- name: "VALIDATE ACTION"
- type: "string"
- jsonPath: ".status.conditions[?(@.type == \"Ready\")].status"
name: "READY"
type: "string"
@@ -2262,10 +2259,8 @@ spec:
type: "string"
type: "object"
validationFailureAction:
- description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (enforce), or allow (audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are audit or enforce."
+ description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (Enforce), or allow (Audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are Audit or Enforce."
enum:
- - "audit"
- - "enforce"
- "Audit"
- "Enforce"
type: "string"
@@ -2821,6 +2816,12 @@ spec:
default: true
description: "UseCache enables caching of image verify responses for this rule."
type: "boolean"
+ validationFailureAction:
+ description: "Allowed values are Audit or Enforce."
+ enum:
+ - "Audit"
+ - "Enforce"
+ type: "string"
verifyDigest:
default: true
description: "VerifyDigest validates that images have a digest."
@@ -5099,10 +5100,8 @@ spec:
type: "string"
type: "object"
validationFailureAction:
- description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (enforce), or allow (audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are audit or enforce."
+ description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (Enforce), or allow (Audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are Audit or Enforce."
enum:
- - "audit"
- - "enforce"
- "Audit"
- "Enforce"
type: "string"
@@ -5658,6 +5657,12 @@ spec:
default: true
description: "UseCache enables caching of image verify responses for this rule."
type: "boolean"
+ validationFailureAction:
+ description: "Allowed values are Audit or Enforce."
+ enum:
+ - "Audit"
+ - "Enforce"
+ type: "string"
verifyDigest:
default: true
description: "VerifyDigest validates that images have a digest."
diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v1beta1/updaterequests.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v1beta1/updaterequests.yaml
index 8130a40d2..fda034ae1 100644
--- a/crd-catalog/kyverno/kyverno/kyverno.io/v1beta1/updaterequests.yaml
+++ b/crd-catalog/kyverno/kyverno/kyverno.io/v1beta1/updaterequests.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.15.0"
+ controller-gen.kubebuilder.io/version: "(devel)"
name: "updaterequests.kyverno.io"
spec:
group: "kyverno.io"
diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2/cleanuppolicies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2/cleanuppolicies.yaml
index 0de504a63..9ab39378e 100644
--- a/crd-catalog/kyverno/kyverno/kyverno.io/v2/cleanuppolicies.yaml
+++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2/cleanuppolicies.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.15.0"
+ controller-gen.kubebuilder.io/version: "(devel)"
name: "cleanuppolicies.kyverno.io"
spec:
group: "kyverno.io"
diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2/clustercleanuppolicies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2/clustercleanuppolicies.yaml
index 08313b376..0e51f3a98 100644
--- a/crd-catalog/kyverno/kyverno/kyverno.io/v2/clustercleanuppolicies.yaml
+++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2/clustercleanuppolicies.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.15.0"
+ controller-gen.kubebuilder.io/version: "(devel)"
name: "clustercleanuppolicies.kyverno.io"
spec:
group: "kyverno.io"
diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2/policyexceptions.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2/policyexceptions.yaml
index da314a77d..fd30d4de3 100644
--- a/crd-catalog/kyverno/kyverno/kyverno.io/v2/policyexceptions.yaml
+++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2/policyexceptions.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.15.0"
+ controller-gen.kubebuilder.io/version: "(devel)"
name: "policyexceptions.kyverno.io"
spec:
group: "kyverno.io"
diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2/updaterequests.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2/updaterequests.yaml
index 55715295c..40660a983 100644
--- a/crd-catalog/kyverno/kyverno/kyverno.io/v2/updaterequests.yaml
+++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2/updaterequests.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.15.0"
+ controller-gen.kubebuilder.io/version: "(devel)"
name: "updaterequests.kyverno.io"
spec:
group: "kyverno.io"
diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2alpha1/globalcontextentries.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2alpha1/globalcontextentries.yaml
index 3effb19d1..a6c39de33 100644
--- a/crd-catalog/kyverno/kyverno/kyverno.io/v2alpha1/globalcontextentries.yaml
+++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2alpha1/globalcontextentries.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.15.0"
+ controller-gen.kubebuilder.io/version: "(devel)"
name: "globalcontextentries.kyverno.io"
spec:
group: "kyverno.io"
diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/cleanuppolicies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/cleanuppolicies.yaml
index ca32fb403..8f2268ef1 100644
--- a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/cleanuppolicies.yaml
+++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/cleanuppolicies.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.15.0"
+ controller-gen.kubebuilder.io/version: "(devel)"
name: "cleanuppolicies.kyverno.io"
spec:
group: "kyverno.io"
diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clustercleanuppolicies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clustercleanuppolicies.yaml
index b07738e7f..18dd7968c 100644
--- a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clustercleanuppolicies.yaml
+++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clustercleanuppolicies.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.15.0"
+ controller-gen.kubebuilder.io/version: "(devel)"
name: "clustercleanuppolicies.kyverno.io"
spec:
group: "kyverno.io"
diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clusterpolicies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clusterpolicies.yaml
index 4cb50e7a6..aa3385b07 100644
--- a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clusterpolicies.yaml
+++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clusterpolicies.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.15.0"
+ controller-gen.kubebuilder.io/version: "(devel)"
name: "clusterpolicies.kyverno.io"
spec:
group: "kyverno.io"
@@ -24,9 +24,6 @@ spec:
- jsonPath: ".spec.background"
name: "BACKGROUND"
type: "boolean"
- - jsonPath: ".spec.validationFailureAction"
- name: "VALIDATE ACTION"
- type: "string"
- jsonPath: ".status.conditions[?(@.type == \"Ready\")].status"
name: "READY"
type: "string"
@@ -2122,10 +2119,8 @@ spec:
type: "string"
type: "object"
validationFailureAction:
- description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (enforce), or allow (audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are audit or enforce."
+ description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (Enforce), or allow (Audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are Audit or Enforce."
enum:
- - "audit"
- - "enforce"
- "Audit"
- "Enforce"
type: "string"
@@ -2653,6 +2648,12 @@ spec:
default: true
description: "UseCache enables caching of image verify responses for this rule"
type: "boolean"
+ validationFailureAction:
+ description: "Allowed values are Audit or Enforce."
+ enum:
+ - "Audit"
+ - "Enforce"
+ type: "string"
verifyDigest:
default: true
description: "VerifyDigest validates that images have a digest."
@@ -4931,10 +4932,8 @@ spec:
type: "string"
type: "object"
validationFailureAction:
- description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (enforce), or allow (audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are audit or enforce."
+ description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (Enforce), or allow (Audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are Audit or Enforce."
enum:
- - "audit"
- - "enforce"
- "Audit"
- "Enforce"
type: "string"
@@ -5490,6 +5489,12 @@ spec:
default: true
description: "UseCache enables caching of image verify responses for this rule."
type: "boolean"
+ validationFailureAction:
+ description: "Allowed values are Audit or Enforce."
+ enum:
+ - "Audit"
+ - "Enforce"
+ type: "string"
verifyDigest:
default: true
description: "VerifyDigest validates that images have a digest."
diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policies.yaml
index 9d37d7964..272d640f6 100644
--- a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policies.yaml
+++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policies.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.15.0"
+ controller-gen.kubebuilder.io/version: "(devel)"
name: "policies.kyverno.io"
spec:
group: "kyverno.io"
@@ -24,9 +24,6 @@ spec:
- jsonPath: ".spec.background"
name: "BACKGROUND"
type: "boolean"
- - jsonPath: ".spec.validationFailureAction"
- name: "VALIDATE ACTION"
- type: "string"
- jsonPath: ".status.conditions[?(@.type == \"Ready\")].status"
name: "READY"
type: "string"
@@ -2122,10 +2119,8 @@ spec:
type: "string"
type: "object"
validationFailureAction:
- description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (enforce), or allow (audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are audit or enforce."
+ description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (Enforce), or allow (Audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are Audit or Enforce."
enum:
- - "audit"
- - "enforce"
- "Audit"
- "Enforce"
type: "string"
@@ -2653,6 +2648,12 @@ spec:
default: true
description: "UseCache enables caching of image verify responses for this rule"
type: "boolean"
+ validationFailureAction:
+ description: "Allowed values are Audit or Enforce."
+ enum:
+ - "Audit"
+ - "Enforce"
+ type: "string"
verifyDigest:
default: true
description: "VerifyDigest validates that images have a digest."
@@ -4931,10 +4932,8 @@ spec:
type: "string"
type: "object"
validationFailureAction:
- description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (enforce), or allow (audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are audit or enforce."
+ description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (Enforce), or allow (Audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are Audit or Enforce."
enum:
- - "audit"
- - "enforce"
- "Audit"
- "Enforce"
type: "string"
@@ -5490,6 +5489,12 @@ spec:
default: true
description: "UseCache enables caching of image verify responses for this rule."
type: "boolean"
+ validationFailureAction:
+ description: "Allowed values are Audit or Enforce."
+ enum:
+ - "Audit"
+ - "Enforce"
+ type: "string"
verifyDigest:
default: true
description: "VerifyDigest validates that images have a digest."
diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policyexceptions.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policyexceptions.yaml
index f8fde46da..c2878f0ba 100644
--- a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policyexceptions.yaml
+++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policyexceptions.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.15.0"
+ controller-gen.kubebuilder.io/version: "(devel)"
name: "policyexceptions.kyverno.io"
spec:
group: "kyverno.io"
diff --git a/crd-catalog/kyverno/kyverno/reports.kyverno.io/v1/clusterephemeralreports.yaml b/crd-catalog/kyverno/kyverno/reports.kyverno.io/v1/clusterephemeralreports.yaml
index 931dd50c2..22f134981 100644
--- a/crd-catalog/kyverno/kyverno/reports.kyverno.io/v1/clusterephemeralreports.yaml
+++ b/crd-catalog/kyverno/kyverno/reports.kyverno.io/v1/clusterephemeralreports.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.15.0"
+ controller-gen.kubebuilder.io/version: "(devel)"
name: "clusterephemeralreports.reports.kyverno.io"
spec:
group: "reports.kyverno.io"
diff --git a/crd-catalog/kyverno/kyverno/reports.kyverno.io/v1/ephemeralreports.yaml b/crd-catalog/kyverno/kyverno/reports.kyverno.io/v1/ephemeralreports.yaml
index 7cbfae2e8..85c448f7b 100644
--- a/crd-catalog/kyverno/kyverno/reports.kyverno.io/v1/ephemeralreports.yaml
+++ b/crd-catalog/kyverno/kyverno/reports.kyverno.io/v1/ephemeralreports.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.15.0"
+ controller-gen.kubebuilder.io/version: "(devel)"
name: "ephemeralreports.reports.kyverno.io"
spec:
group: "reports.kyverno.io"
diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/mariadbs.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/mariadbs.yaml
index 74bb620af..94a2cb774 100644
--- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/mariadbs.yaml
+++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/mariadbs.yaml
@@ -9071,7 +9071,8 @@ spec:
description: "Params defines extra parameters to pass to the monitor.\nAny parameter supported by MaxScale may be specified here. See reference:\nhttps://mariadb.com/kb/en/mariadb-maxscale-2308-common-monitor-parameters/.\nMonitor specific parameter are also suported:\nhttps://mariadb.com/kb/en/mariadb-maxscale-2308-galera-monitor/#galera-monitor-optional-parameters.\nhttps://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-monitor/#configuration."
type: "object"
suspend:
- description: "Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this."
+ default: false
+ description: "Suspend indicates whether the current resource should be suspended or not.\nThis can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities."
type: "boolean"
type: "object"
podDisruptionBudget:
@@ -9121,7 +9122,8 @@ spec:
description: "Protocol is the MaxScale protocol to use when communicating with the client. If not provided, it defaults to MariaDBProtocol."
type: "string"
suspend:
- description: "Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this."
+ default: false
+ description: "Suspend indicates whether the current resource should be suspended or not.\nThis can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities."
type: "boolean"
type: "object"
name:
@@ -9139,7 +9141,8 @@ spec:
- "readconnroute"
type: "string"
suspend:
- description: "Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this."
+ default: false
+ description: "Suspend indicates whether the current resource should be suspended or not.\nThis can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities."
type: "boolean"
required:
- "listener"
@@ -14096,7 +14099,7 @@ spec:
type: "object"
suspend:
default: false
- description: "Suspend defines whether the MariaDB reconciliation loop is enabled. This can be useful for maintenance, as disabling the reconciliation loop prevents the operator from interfering with user operations during maintenance activities."
+ description: "Suspend indicates whether the current resource should be suspended or not.\nThis can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities."
type: "boolean"
timeZone:
description: "TimeZone sets the default timezone. If not provided, it defaults to SYSTEM and the timezone data is not loaded."
diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/maxscales.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/maxscales.yaml
index 07ca80d14..15f63592e 100644
--- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/maxscales.yaml
+++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/maxscales.yaml
@@ -5340,7 +5340,8 @@ spec:
description: "Params defines extra parameters to pass to the monitor.\nAny parameter supported by MaxScale may be specified here. See reference:\nhttps://mariadb.com/kb/en/mariadb-maxscale-2308-common-monitor-parameters/.\nMonitor specific parameter are also suported:\nhttps://mariadb.com/kb/en/mariadb-maxscale-2308-galera-monitor/#galera-monitor-optional-parameters.\nhttps://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-monitor/#configuration."
type: "object"
suspend:
- description: "Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this."
+ default: false
+ description: "Suspend indicates whether the current resource should be suspended or not.\nThis can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities."
type: "boolean"
type: "object"
nodeSelector:
@@ -5791,7 +5792,8 @@ spec:
description: "Protocol is the MaxScale protocol to use when communicating with the client. If not provided, it defaults to MariaDBProtocol."
type: "string"
suspend:
- description: "Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this."
+ default: false
+ description: "Suspend indicates whether the current resource should be suspended or not.\nThis can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities."
type: "boolean"
type: "object"
name:
@@ -5809,7 +5811,8 @@ spec:
- "readconnroute"
type: "string"
suspend:
- description: "Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this."
+ default: false
+ description: "Suspend indicates whether the current resource should be suspended or not.\nThis can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities."
type: "boolean"
required:
- "listener"
@@ -6343,6 +6346,10 @@ spec:
- "image"
type: "object"
type: "array"
+ suspend:
+ default: false
+ description: "Suspend indicates whether the current resource should be suspended or not.\nThis can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities."
+ type: "boolean"
tolerations:
description: "Tolerations to be used in the Pod."
items:
diff --git a/crd-catalog/metal3-io/baremetal-operator/metal3.io/v1alpha1/baremetalhosts.yaml b/crd-catalog/metal3-io/baremetal-operator/metal3.io/v1alpha1/baremetalhosts.yaml
index 87bee6afe..c05c87b2e 100644
--- a/crd-catalog/metal3-io/baremetal-operator/metal3.io/v1alpha1/baremetalhosts.yaml
+++ b/crd-catalog/metal3-io/baremetal-operator/metal3.io/v1alpha1/baremetalhosts.yaml
@@ -591,7 +591,7 @@ spec:
type: "object"
type: "object"
hardwareProfile:
- description: "The name of the profile matching the hardware details."
+ description: "The name of the profile matching the hardware details. Hardware profiles are deprecated and should not be relied on."
type: "string"
lastUpdated:
description: "LastUpdated identifies when this status was last observed."
@@ -907,7 +907,6 @@ spec:
required:
- "errorCount"
- "errorMessage"
- - "hardwareProfile"
- "operationalStatus"
- "poweredOn"
- "provisioning"
diff --git a/crd-catalog/minio/operator/minio.min.io/v2/tenants.yaml b/crd-catalog/minio/operator/minio.min.io/v2/tenants.yaml
index 75eee67a6..11f092e1e 100644
--- a/crd-catalog/minio/operator/minio.min.io/v2/tenants.yaml
+++ b/crd-catalog/minio/operator/minio.min.io/v2/tenants.yaml
@@ -3,7 +3,7 @@ kind: "CustomResourceDefinition"
metadata:
annotations:
controller-gen.kubebuilder.io/version: "v0.15.0"
- operator.min.io/version: "v6.0.1"
+ operator.min.io/version: "v6.0.2"
name: "tenants.minio.min.io"
spec:
group: "minio.min.io"
diff --git a/crd-catalog/minio/operator/sts.min.io/v1alpha1/policybindings.yaml b/crd-catalog/minio/operator/sts.min.io/v1alpha1/policybindings.yaml
index d628e3123..7161267e6 100644
--- a/crd-catalog/minio/operator/sts.min.io/v1alpha1/policybindings.yaml
+++ b/crd-catalog/minio/operator/sts.min.io/v1alpha1/policybindings.yaml
@@ -3,7 +3,7 @@ kind: "CustomResourceDefinition"
metadata:
annotations:
controller-gen.kubebuilder.io/version: "v0.15.0"
- operator.min.io/version: "v6.0.1"
+ operator.min.io/version: "v6.0.2"
name: "policybindings.sts.min.io"
spec:
group: "sts.min.io"
diff --git a/crd-catalog/minio/operator/sts.min.io/v1beta1/policybindings.yaml b/crd-catalog/minio/operator/sts.min.io/v1beta1/policybindings.yaml
index da8b124f1..5c0073d2a 100644
--- a/crd-catalog/minio/operator/sts.min.io/v1beta1/policybindings.yaml
+++ b/crd-catalog/minio/operator/sts.min.io/v1beta1/policybindings.yaml
@@ -3,7 +3,7 @@ kind: "CustomResourceDefinition"
metadata:
annotations:
controller-gen.kubebuilder.io/version: "v0.15.0"
- operator.min.io/version: "v6.0.1"
+ operator.min.io/version: "v6.0.2"
name: "policybindings.sts.min.io"
spec:
group: "sts.min.io"
diff --git a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml
index bd73b916e..8362672ba 100644
--- a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml
+++ b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml
@@ -143,6 +143,20 @@ spec:
- type: "string"
description: "SourcePorts defines the source ports to filter flows by.\nTo filter a single port, set a single port as an integer value. For example sourcePorts: 80.\nTo filter a range of ports, use a \"start-end\" range, string format. For example sourcePorts: \"80-100\"."
x-kubernetes-int-or-string: true
+ tcpFlags:
+ description: "`tcpFlags` defines the TCP flags to filter flows by."
+ enum:
+ - "SYN"
+ - "SYN-ACK"
+ - "ACK"
+ - "FIN"
+ - "RST"
+ - "URG"
+ - "ECE"
+ - "CWR"
+ - "FIN-ACK"
+ - "RST-ACK"
+ type: "string"
type: "object"
imagePullPolicy:
default: "IfNotPresent"
diff --git a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml
index 01a6db77b..e6d2b4846 100644
--- a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml
+++ b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml
@@ -732,6 +732,20 @@ spec:
- type: "string"
description: "`sourcePorts` defines the source ports to filter flows by.\nTo filter a single port, set a single port as an integer value. For example: `sourcePorts: 80`.\nTo filter a range of ports, use a \"start-end\" range in string format. For example: `sourcePorts: \"80-100\"`."
x-kubernetes-int-or-string: true
+ tcpFlags:
+ description: "`tcpFlags` defines the TCP flags to filter flows by."
+ enum:
+ - "SYN"
+ - "SYN-ACK"
+ - "ACK"
+ - "FIN"
+ - "RST"
+ - "URG"
+ - "ECE"
+ - "CWR"
+ - "FIN-ACK"
+ - "RST-ACK"
+ type: "string"
type: "object"
imagePullPolicy:
default: "IfNotPresent"
diff --git a/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/policies.yaml b/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/policies.yaml
index 25b3ccaf9..b388c5699 100644
--- a/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/policies.yaml
+++ b/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/policies.yaml
@@ -142,8 +142,12 @@ spec:
type: "string"
clientSecret:
type: "string"
+ endSessionEndpoint:
+ type: "string"
jwksURI:
type: "string"
+ postLogoutRedirectURI:
+ type: "string"
redirectURI:
type: "string"
scope:
diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeploymentcustomizations.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeploymentcustomizations.yaml
index 1bbff6b19..7570d6e0a 100644
--- a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeploymentcustomizations.yaml
+++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeploymentcustomizations.yaml
@@ -60,7 +60,8 @@ spec:
description: "ClusterDeploymentRef is a reference to the cluster deployment that this customization is applied on."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -68,7 +69,8 @@ spec:
description: "ClusterPoolRef is the name of the current cluster pool the CDC used at."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeployments.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeployments.yaml
index 0196348ca..506b6a761 100644
--- a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeployments.yaml
+++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeployments.yaml
@@ -63,7 +63,8 @@ spec:
description: "BoundServiceAccountSigningKeySecretRef refers to a Secret that contains a 'bound-service-account-signing-key.key' data key pointing to the private key that will be used to sign ServiceAccount objects. Primarily used to provision AWS clusters to use Amazon's Security Token Service."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -76,7 +77,8 @@ spec:
description: "CertificateSecretRef is the reference to the secret that contains the certificate bundle. If the certificate bundle is to be generated, it will be generated with the name in this reference. Otherwise, it is expected that the secret should exist in the same namespace as the ClusterDeployment"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -115,7 +117,8 @@ spec:
description: "AdminKubeconfigSecretRef references the secret containing the admin kubeconfig for this cluster."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -123,7 +126,8 @@ spec:
description: "AdminPasswordSecretRef references the secret containing the admin username/password which can be used to login to this cluster."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -182,7 +186,8 @@ spec:
description: "CustomizationRef is the ClusterPool Inventory claimed customization for this ClusterDeployment. The Customization exists in the ClusterPool namespace."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -272,11 +277,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
@@ -303,11 +310,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
@@ -358,11 +367,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
@@ -391,7 +402,8 @@ spec:
description: "CredentialsSecretRef refers to a secret that contains the AWS account access credentials."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -438,7 +450,8 @@ spec:
description: "CredentialsSecretRef refers to a secret that contains the Azure account access credentials."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -456,7 +469,8 @@ spec:
description: "LibvirtSSHPrivateKeySecretRef is the reference to the secret that contains the private SSH key to use for access to the libvirt provisioning host. The SSH private key is expected to be in the secret data under the \"ssh-privatekey\" key."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -470,7 +484,8 @@ spec:
description: "CredentialsSecretRef refers to a secret that contains the GCP account access credentials."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -513,7 +528,8 @@ spec:
description: "CredentialsSecretRef refers to a secret that contains IBM Cloud account access credentials."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -534,7 +550,8 @@ spec:
description: "CertificatesSecretRef refers to a secret that contains CA certificates necessary for communicating with the OpenStack. There is additional configuration required for the OpenShift cluster to trust the certificates provided in this secret. The \"clouds.yaml\" file included in the credentialsSecretRef Secret must also include a reference to the certificate bundle file for the OpenShift cluster being created to trust the OpenStack endpoints. The \"clouds.yaml\" file must set the \"cacert\" field to either \"/etc/openstack-ca/\" or \"/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem\". \n For example, \"\"\"clouds.yaml clouds: shiftstack: auth: ... cacert: \"/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem\" \"\"\""
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -545,7 +562,8 @@ spec:
description: "CredentialsSecretRef refers to a secret that contains the OpenStack account access credentials."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -563,7 +581,8 @@ spec:
description: "CertificatesSecretRef refers to a secret that contains the oVirt CA certificates necessary for communicating with oVirt."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -571,7 +590,8 @@ spec:
description: "CredentialsSecretRef refers to a secret that contains the oVirt account access credentials with fields: ovirt_url, ovirt_username, ovirt_password, ovirt_ca_bundle"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -597,7 +617,8 @@ spec:
description: "CertificatesSecretRef refers to a secret that contains the vSphere CA certificates necessary for communicating with the VCenter."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -608,7 +629,8 @@ spec:
description: "CredentialsSecretRef refers to a secret that contains the vSphere account access credentials: GOVC_USERNAME, GOVC_PASSWORD fields."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -661,7 +683,8 @@ spec:
description: "InstallConfigSecretRef is the reference to a secret that contains an openshift-install InstallConfig. This file will be passed through directly to the installer. Any version of InstallConfig can be used, provided it can be parsed by the openshift-install version for the release you are provisioning."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -686,7 +709,8 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -735,7 +759,8 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -756,7 +781,8 @@ spec:
description: "ManifestsConfigMapRef is a reference to user-provided manifests to add to or replace manifests that are generated by the installer. It serves the same purpose as, and is mutually exclusive with, ManifestsSecretRef."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -764,7 +790,8 @@ spec:
description: "ManifestsSecretRef is a reference to user-provided manifests to add to or replace manifests that are generated by the installer. It serves the same purpose as, and is mutually exclusive with, ManifestsConfigMapRef."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -780,7 +807,8 @@ spec:
description: "SSHPrivateKeySecretRef is the reference to the secret that contains the private SSH key to use for access to compute instances. This private key should correspond to the public key included in the InstallConfig. The private key is used by Hive to gather logs on the target cluster if there are install failures. The SSH private key is expected to be in the secret data under the \"ssh-privatekey\" key."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -789,7 +817,8 @@ spec:
description: "PullSecretRef is the reference to the secret to use when pulling images."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -931,7 +960,8 @@ spec:
description: "ProvisionRef is a reference to the last ClusterProvision created for the deployment"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeprovisions.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeprovisions.yaml
index b3a235649..889ea4e63 100644
--- a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeprovisions.yaml
+++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeprovisions.yaml
@@ -77,7 +77,8 @@ spec:
description: "CredentialsSecretRef is the AWS account credentials to use for deprovisioning the cluster"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -106,7 +107,8 @@ spec:
description: "CredentialsSecretRef is the Azure account credentials to use for deprovisioning the cluster"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -121,7 +123,8 @@ spec:
description: "CredentialsSecretRef is the GCP account credentials to use for deprovisioning the cluster"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -144,7 +147,8 @@ spec:
description: "CredentialsSecretRef is the IBM Cloud credentials to use for deprovisioning the cluster"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -163,7 +167,8 @@ spec:
description: "CertificatesSecretRef refers to a secret that contains CA certificates necessary for communicating with the OpenStack."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -174,7 +179,8 @@ spec:
description: "CredentialsSecretRef is the OpenStack account credentials to use for deprovisioning the cluster"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -188,7 +194,8 @@ spec:
description: "CertificatesSecretRef refers to a secret that contains the oVirt CA certificates necessary for communicating with the oVirt."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -199,7 +206,8 @@ spec:
description: "CredentialsSecretRef is the oVirt account credentials to use for deprovisioning the cluster secret fields: ovirt_url, ovirt_username, ovirt_password, ovirt_ca_bundle"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -215,7 +223,8 @@ spec:
description: "CertificatesSecretRef refers to a secret that contains the vSphere CA certificates necessary for communicating with the VCenter."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -223,7 +232,8 @@ spec:
description: "CredentialsSecretRef is the vSphere account credentials to use for deprovisioning the cluster"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterpools.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterpools.yaml
index dc8c0f447..2b2933518 100644
--- a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterpools.yaml
+++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterpools.yaml
@@ -96,7 +96,8 @@ spec:
description: "InstallConfigSecretTemplateRef is a secret with the key install-config.yaml consisting of the content of the install-config.yaml to be used as a template for all clusters in this pool. Cluster specific settings (name, basedomain) will be injected dynamically when the ClusterDeployment install-config Secret is generated."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -121,7 +122,8 @@ spec:
description: "The key to select."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "Specify whether the ConfigMap or its key must be defined"
@@ -170,7 +172,8 @@ spec:
description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
description: "Specify whether the Secret or its key must be defined"
@@ -239,11 +242,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
@@ -272,7 +277,8 @@ spec:
description: "CredentialsSecretRef refers to a secret that contains the AWS account access credentials."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -319,7 +325,8 @@ spec:
description: "CredentialsSecretRef refers to a secret that contains the Azure account access credentials."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -337,7 +344,8 @@ spec:
description: "LibvirtSSHPrivateKeySecretRef is the reference to the secret that contains the private SSH key to use for access to the libvirt provisioning host. The SSH private key is expected to be in the secret data under the \"ssh-privatekey\" key."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -351,7 +359,8 @@ spec:
description: "CredentialsSecretRef refers to a secret that contains the GCP account access credentials."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -394,7 +403,8 @@ spec:
description: "CredentialsSecretRef refers to a secret that contains IBM Cloud account access credentials."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -415,7 +425,8 @@ spec:
description: "CertificatesSecretRef refers to a secret that contains CA certificates necessary for communicating with the OpenStack. There is additional configuration required for the OpenShift cluster to trust the certificates provided in this secret. The \"clouds.yaml\" file included in the credentialsSecretRef Secret must also include a reference to the certificate bundle file for the OpenShift cluster being created to trust the OpenStack endpoints. The \"clouds.yaml\" file must set the \"cacert\" field to either \"/etc/openstack-ca/\" or \"/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem\". \n For example, \"\"\"clouds.yaml clouds: shiftstack: auth: ... cacert: \"/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem\" \"\"\""
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -426,7 +437,8 @@ spec:
description: "CredentialsSecretRef refers to a secret that contains the OpenStack account access credentials."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -444,7 +456,8 @@ spec:
description: "CertificatesSecretRef refers to a secret that contains the oVirt CA certificates necessary for communicating with oVirt."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -452,7 +465,8 @@ spec:
description: "CredentialsSecretRef refers to a secret that contains the oVirt account access credentials with fields: ovirt_url, ovirt_username, ovirt_password, ovirt_ca_bundle"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -478,7 +492,8 @@ spec:
description: "CertificatesSecretRef refers to a secret that contains the vSphere CA certificates necessary for communicating with the VCenter."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -489,7 +504,8 @@ spec:
description: "CredentialsSecretRef refers to a secret that contains the vSphere account access credentials: GOVC_USERNAME, GOVC_PASSWORD fields."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -520,7 +536,8 @@ spec:
description: "PullSecretRef is the reference to the secret to use when pulling images."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterprovisions.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterprovisions.yaml
index ffc7723d8..439883a38 100644
--- a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterprovisions.yaml
+++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterprovisions.yaml
@@ -45,7 +45,8 @@ spec:
description: "AdminKubeconfigSecretRef references the secret containing the admin kubeconfig for this cluster."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -53,7 +54,8 @@ spec:
description: "AdminPasswordSecretRef references the secret containing the admin username/password which can be used to login to this cluster."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -64,7 +66,8 @@ spec:
description: "ClusterDeploymentRef references the cluster deployment provisioned."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -140,7 +143,8 @@ spec:
description: "JobRef is the reference to the job performing the provision."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterrelocates.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterrelocates.yaml
index 338553a68..2b2758863 100644
--- a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterrelocates.yaml
+++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterrelocates.yaml
@@ -52,11 +52,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/dnszones.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/dnszones.yaml
index 50adfedad..a6d7dc1fa 100644
--- a/crd-catalog/openshift/hive/hive.openshift.io/v1/dnszones.yaml
+++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/dnszones.yaml
@@ -63,7 +63,8 @@ spec:
description: "CredentialsSecretRef contains a reference to a secret that contains AWS credentials for CRUD operations"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -87,7 +88,8 @@ spec:
description: "CredentialsSecretRef references a secret that will be used to authenticate with Azure CloudDNS. It will need permission to create and manage CloudDNS Hosted Zones. Secret should have a key named 'osServicePrincipal.json'. The credentials must specify the project to use."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -105,7 +107,8 @@ spec:
description: "CredentialsSecretRef references a secret that will be used to authenticate with GCP CloudDNS. It will need permission to create and manage CloudDNS Hosted Zones. Secret should have a key named 'osServiceAccount.json'. The credentials must specify the project to use."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/hiveconfigs.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/hiveconfigs.yaml
index d13a5cd3c..02f443d7a 100644
--- a/crd-catalog/openshift/hive/hive.openshift.io/v1/hiveconfigs.yaml
+++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/hiveconfigs.yaml
@@ -35,7 +35,8 @@ spec:
description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -64,7 +65,8 @@ spec:
description: "CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with AWS for associating the VPC with the Private HostedZone created for PrivateLink. When not provided, the common credentials for the controller should be used."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -81,7 +83,8 @@ spec:
description: "CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with AWS for creating the resources for AWS PrivateLink."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -390,7 +393,8 @@ spec:
description: "CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with AWS S3. It will need permission to upload logs to S3. Secret should have keys named aws_access_key_id and aws_secret_access_key that contain the AWS credentials. Example Secret: data: aws_access_key_id: minio aws_secret_access_key: minio123"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -436,7 +440,8 @@ spec:
description: "GlobalPullSecretRef is used to specify a pull secret that will be used globally by all of the cluster deployments. For each cluster deployment, the contents of GlobalPullSecret will be merged with the specific pull secret for a cluster deployment(if specified), with precedence given to the contents of the pull secret for the cluster deployment. The global pull secret is assumed to be in the TargetNamespace."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -461,7 +466,8 @@ spec:
description: "CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with AWS Route53. It will need permission to manage entries for the domain listed in the parent ManageDNSConfig object. Secret should have AWS keys named 'aws_access_key_id' and 'aws_secret_access_key'."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -487,7 +493,8 @@ spec:
description: "CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with Azure DNS. It wil need permission to manage entries in each of the managed domains listed in the parent ManageDNSConfig object. Secret should have a key named 'osServicePrincipal.json'"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -510,7 +517,8 @@ spec:
description: "CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with GCP DNS. It will need permission to manage entries in each of the managed domains for this cluster. listed in the parent ManageDNSConfig object. Secret should have a key named 'osServiceAccount.json'. The credentials must specify the project to use."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -564,7 +572,8 @@ spec:
description: "CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with GCP for creating the resources for GCP Private Service Connect"
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -620,7 +629,8 @@ spec:
description: "CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with AWS to become the Service Provider. Being a Service Provider allows the controllers to assume the role in customer AWS accounts to manager clusters."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/machinepools.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/machinepools.yaml
index a319c16bf..81666348f 100644
--- a/crd-catalog/openshift/hive/hive.openshift.io/v1/machinepools.yaml
+++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/machinepools.yaml
@@ -58,7 +58,8 @@ spec:
description: "ClusterDeploymentRef references the cluster deployment to which this machine pool belongs."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncidentityproviders.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncidentityproviders.yaml
index 07f606004..32b9f7a56 100644
--- a/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncidentityproviders.yaml
+++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncidentityproviders.yaml
@@ -48,11 +48,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncsets.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncsets.yaml
index 9cac6f95f..60b8ca520 100644
--- a/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncsets.yaml
+++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncsets.yaml
@@ -58,11 +58,13 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "atomic"
required:
- "key"
- "operator"
type: "object"
type: "array"
+ x-kubernetes-list-type: "atomic"
matchLabels:
additionalProperties:
type: "string"
diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/syncidentityproviders.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/syncidentityproviders.yaml
index d460bf23e..bb6730a04 100644
--- a/crd-catalog/openshift/hive/hive.openshift.io/v1/syncidentityproviders.yaml
+++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/syncidentityproviders.yaml
@@ -35,7 +35,8 @@ spec:
description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/syncsets.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/syncsets.yaml
index 0ff42ebbd..82662ba9b 100644
--- a/crd-catalog/openshift/hive/hive.openshift.io/v1/syncsets.yaml
+++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/syncsets.yaml
@@ -45,7 +45,8 @@ spec:
description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
diff --git a/crd-catalog/openshift/hive/hiveinternal.openshift.io/v1alpha1/clustersyncs.yaml b/crd-catalog/openshift/hive/hiveinternal.openshift.io/v1alpha1/clustersyncs.yaml
index 1401711c1..93b63b642 100644
--- a/crd-catalog/openshift/hive/hiveinternal.openshift.io/v1alpha1/clustersyncs.yaml
+++ b/crd-catalog/openshift/hive/hiveinternal.openshift.io/v1alpha1/clustersyncs.yaml
@@ -19,6 +19,9 @@ spec:
- jsonPath: ".status.conditions[0].reason"
name: "Status"
type: "string"
+ - jsonPath: ".status.controlledByReplica"
+ name: "ControllerReplica"
+ type: "string"
- jsonPath: ".status.conditions[?(@.type==\"Failed\")].message"
name: "Message"
priority: 1
diff --git a/crd-catalog/openshift/hive/hiveinternal.openshift.io/v1alpha1/fakeclusterinstalls.yaml b/crd-catalog/openshift/hive/hiveinternal.openshift.io/v1alpha1/fakeclusterinstalls.yaml
index 242aa0a4b..7b7810314 100644
--- a/crd-catalog/openshift/hive/hiveinternal.openshift.io/v1alpha1/fakeclusterinstalls.yaml
+++ b/crd-catalog/openshift/hive/hiveinternal.openshift.io/v1alpha1/fakeclusterinstalls.yaml
@@ -35,7 +35,7 @@ spec:
description: "ClusterDeploymentRef is a reference to the ClusterDeployment associated with this AgentClusterInstall."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
clusterMetadata:
@@ -45,7 +45,8 @@ spec:
description: "AdminKubeconfigSecretRef references the secret containing the admin kubeconfig for this cluster."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
@@ -53,7 +54,8 @@ spec:
description: "AdminPasswordSecretRef references the secret containing the admin username/password which can be used to login to this cluster."
properties:
name:
- description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"
+ default: ""
+ description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
type: "object"
x-kubernetes-map-type: "atomic"
diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/alertmanagers.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/alertmanagers.yaml
index e8babbf04..98b4e2d1a 100644
--- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/alertmanagers.yaml
+++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/alertmanagers.yaml
@@ -850,11 +850,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -4966,6 +5118,9 @@ spec:
description: "Total number of non-terminated pods targeted by this Alertmanager\nobject (their labels match the selector)."
format: "int32"
type: "integer"
+ selector:
+ description: "The selector used to match the pods targeted by this Alertmanager object."
+ type: "string"
unavailableReplicas:
description: "Total number of unavailable pods targeted by this Alertmanager object."
format: "int32"
@@ -4987,4 +5142,8 @@ spec:
served: true
storage: true
subresources:
+ scale:
+ labelSelectorPath: ".status.selector"
+ specReplicasPath: ".spec.replicas"
+ statusReplicasPath: ".status.replicas"
status: {}
diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml
index 1bff24425..4e7769ceb 100644
--- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml
+++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml
@@ -298,11 +298,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/probes.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/probes.yaml
index c6cdcc798..ced3b1d96 100644
--- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/probes.yaml
+++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/probes.yaml
@@ -258,11 +258,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml
index 872b7de08..d55107e4f 100644
--- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml
+++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml
@@ -685,7 +685,7 @@ spec:
description: "Defines the settings related to Alertmanager."
properties:
alertmanagers:
- description: "AlertmanagerEndpoints Prometheus should fire alerts against."
+ description: "Alertmanager endpoints where Prometheus should send alerts to."
items:
description: "AlertmanagerEndpoints defines a selection of a single Endpoints object\ncontaining Alertmanager IPs to fire alerts against."
properties:
@@ -3664,11 +3664,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -4084,11 +4236,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -5023,7 +5327,7 @@ spec:
description: "ServiceAccountName is the name of the ServiceAccount to use to run the\nPrometheus Pods."
type: "string"
serviceDiscoveryRole:
- description: "Defines the service discovery role used to discover targets from `ServiceMonitor` objects.\nIf set, the value should be either \"Endpoints\" or \"EndpointSlice\".\nIf unset, the operator assumes the \"Endpoints\" role."
+ description: "Defines the service discovery role used to discover targets from\n`ServiceMonitor` objects and Alertmanager endpoints.\n\n\nIf set, the value should be either \"Endpoints\" or \"EndpointSlice\".\nIf unset, the operator assumes the \"Endpoints\" role."
enum:
- "Endpoints"
- "EndpointSlice"
diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml
index 8298d0918..5ad645e26 100644
--- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml
+++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml
@@ -270,11 +270,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml
index ea4635350..b817fc6c1 100644
--- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml
+++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml
@@ -344,11 +344,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -854,11 +1006,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -1227,11 +1531,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -1597,11 +2053,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -1974,11 +2582,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -2420,53 +3180,205 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
- scopes:
- description: "`scopes` defines the OAuth2 scopes used for the token request."
- items:
- type: "string"
- type: "array"
- tokenUrl:
- description: "`tokenURL` configures the URL to fetch the token from."
- minLength: 1
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
type: "string"
- required:
- - "clientId"
- - "clientSecret"
- - "tokenUrl"
- type: "object"
- proxyURL:
- description: "Optional proxy URL."
- type: "string"
- tlsConfig:
- description: "TLS configuration for the client."
- properties:
- ca:
- description: "Certificate authority used when verifying server certificates."
- properties:
- configMap:
- description: "ConfigMap containing data to use for the targets."
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
properties:
key:
- description: "The key to select."
+ description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
default: ""
description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
- description: "Specify whether the ConfigMap or its key must be defined"
+ description: "Specify whether the Secret or its key must be defined"
type: "boolean"
required:
- "key"
type: "object"
x-kubernetes-map-type: "atomic"
- secret:
- description: "Secret containing data to use for the targets."
- properties:
- key:
- description: "The key of the secret to select from. Must be a valid secret key."
- type: "string"
- name:
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
+ scopes:
+ description: "`scopes` defines the OAuth2 scopes used for the token request."
+ items:
+ type: "string"
+ type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
+ tokenUrl:
+ description: "`tokenURL` configures the URL to fetch the token from."
+ minLength: 1
+ type: "string"
+ required:
+ - "clientId"
+ - "clientSecret"
+ - "tokenUrl"
+ type: "object"
+ proxyURL:
+ description: "Optional proxy URL."
+ type: "string"
+ tlsConfig:
+ description: "TLS configuration for the client."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
default: ""
description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
@@ -2749,11 +3661,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -3136,11 +4200,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -3481,11 +4697,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -3792,11 +5160,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -4096,11 +5616,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -4441,11 +6113,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml
index 8b409ba57..acdc62362 100644
--- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml
+++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml
@@ -3245,11 +3245,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -4093,7 +4245,7 @@ spec:
description: "ServiceAccountName is the name of the ServiceAccount to use to run the\nPrometheus Pods."
type: "string"
serviceDiscoveryRole:
- description: "Defines the service discovery role used to discover targets from `ServiceMonitor` objects.\nIf set, the value should be either \"Endpoints\" or \"EndpointSlice\".\nIf unset, the operator assumes the \"Endpoints\" role."
+ description: "Defines the service discovery role used to discover targets from\n`ServiceMonitor` objects and Alertmanager endpoints.\n\n\nIf set, the value should be either \"Endpoints\" or \"EndpointSlice\".\nIf unset, the operator assumes the \"Endpoints\" role."
enum:
- "Endpoints"
- "EndpointSlice"
diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml
index 59e5aaeb1..c7e529460 100644
--- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml
+++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml
@@ -177,11 +177,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -627,11 +779,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -944,11 +1248,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -1129,19 +1585,22 @@ spec:
type: "array"
port:
description: "The port number used if the query type is not SRV\nIgnored for SRV records"
+ format: "int32"
+ maximum: 65535.0
+ minimum: 0.0
type: "integer"
refreshInterval:
description: "RefreshInterval configures the time after which the provided names are refreshed.\nIf not set, Prometheus uses its default value."
pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$"
type: "string"
type:
- description: "The type of DNS query to perform. One of SRV, A, AAAA, MX or NS.\nIf not set, Prometheus uses its default value.\n\n\nWhen set to NS, It requires Prometheus >= 2.49.0."
+ description: "The type of DNS query to perform. One of SRV, A, AAAA, MX or NS.\nIf not set, Prometheus uses its default value.\n\n\nWhen set to NS, it requires Prometheus >= v2.49.0.\nWhen set to MX, it requires Prometheus >= v2.38.0"
enum:
- - "SRV"
- "A"
- "AAAA"
- "MX"
- "NS"
+ - "SRV"
type: "string"
required:
- "names"
@@ -1315,11 +1774,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -1654,11 +2265,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -2057,28 +2820,180 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
- scopes:
- description: "`scopes` defines the OAuth2 scopes used for the token request."
- items:
- type: "string"
- type: "array"
- tokenUrl:
- description: "`tokenURL` configures the URL to fetch the token from."
- minLength: 1
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
type: "string"
- required:
- - "clientId"
- - "clientSecret"
- - "tokenUrl"
- type: "object"
- proxyConnectHeader:
- additionalProperties:
- items:
- description: "SecretKeySelector selects a key of a Secret."
- properties:
- key:
- description: "The key of the secret to select from. Must be a valid secret key."
- type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
+ scopes:
+ description: "`scopes` defines the OAuth2 scopes used for the token request."
+ items:
+ type: "string"
+ type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
+ tokenUrl:
+ description: "`tokenURL` configures the URL to fetch the token from."
+ minLength: 1
+ type: "string"
+ required:
+ - "clientId"
+ - "clientSecret"
+ - "tokenUrl"
+ type: "object"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
name:
default: ""
description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
@@ -2423,11 +3338,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -2858,9 +3925,10 @@ spec:
properties:
apiServer:
description: "The API server address consisting of a hostname or IP address followed\nby an optional port number.\nIf left empty, Prometheus is assumed to run inside\nof the cluster. It will discover API servers automatically and use the pod's\nCA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/."
+ minLength: 1
type: "string"
attachMetadata:
- description: "Optional metadata to attach to discovered targets.\nIt requires Prometheus >= v2.35.0 for `pod` role and\nPrometheus >= v2.37.0 for `endpoints` and `endpointslice` roles."
+ description: "Optional metadata to attach to discovered targets.\nIt requires Prometheus >= v2.35.0 when using the `Pod` role and\nPrometheus >= v2.37.0 for `Endpoints` and `Endpointslice` roles."
properties:
node:
description: "Attaches node metadata to discovered targets.\nWhen set to true, Prometheus must have the `get` permission on the\n`Nodes` objects.\nOnly valid for Pod, Endpoint and Endpointslice roles."
@@ -2942,8 +4010,9 @@ spec:
items:
type: "string"
type: "array"
+ x-kubernetes-list-type: "set"
ownNamespace:
- description: "Includes the namespace in which the Prometheus pod exists to the list of watched namesapces."
+ description: "Includes the namespace in which the Prometheus pod runs to the list of watched namespaces."
type: "boolean"
type: "object"
noProxy:
@@ -3012,11 +4081,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -3057,45 +4278,37 @@ spec:
pattern: "^http(s)?://.+$"
type: "string"
role:
- description: "Role of the Kubernetes entities that should be discovered."
+ description: "Role of the Kubernetes entities that should be discovered.\nRole `Endpointslice` requires Prometheus >= v2.21.0"
enum:
- - "Node"
- - "node"
- - "Service"
- - "service"
- "Pod"
- - "pod"
- "Endpoints"
- - "endpoints"
- - "EndpointSlice"
- - "endpointslice"
- "Ingress"
- - "ingress"
+ - "Service"
+ - "Node"
+ - "EndpointSlice"
type: "string"
selectors:
- description: "Selector to select objects."
+ description: "Selector to select objects.\nIt requires Prometheus >= v2.17.0"
items:
description: "K8SSelectorConfig is Kubernetes Selector Config"
properties:
field:
+ description: "An optional field selector to limit the service discovery to resources which have fields with specific values.\ne.g: `metadata.name=foobar`"
+ minLength: 1
type: "string"
label:
+ description: "An optional label selector to limit the service discovery to resources with specific labels and label values.\ne.g: `node.kubernetes.io/instance-type=master`"
+ minLength: 1
type: "string"
role:
- description: "Role is role of the service in Kubernetes."
+ description: "Role specifies the type of Kubernetes resource to limit the service discovery to.\nAccepted values are: Node, Pod, Endpoints, EndpointSlice, Service, Ingress."
enum:
- - "Node"
- - "node"
- - "Service"
- - "service"
- "Pod"
- - "pod"
- "Endpoints"
- - "endpoints"
- - "EndpointSlice"
- - "endpointslice"
- "Ingress"
- - "ingress"
+ - "Service"
+ - "Node"
+ - "EndpointSlice"
type: "string"
required:
- "role"
@@ -3105,7 +4318,7 @@ spec:
- "role"
x-kubernetes-list-type: "map"
tlsConfig:
- description: "TLS configuration to use on every scrape request."
+ description: "TLS configuration to connect to the Kubernetes API."
properties:
ca:
description: "Certificate authority used when verifying server certificates."
@@ -3373,11 +4586,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -3720,11 +5085,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -4020,11 +5537,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -4266,6 +5935,235 @@ spec:
noProxy:
description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
type: "string"
+ oauth2:
+ description: "OAuth2 client credentials used to fetch a token for the targets."
+ properties:
+ clientId:
+ description: "`clientId` specifies a key of a Secret or ConfigMap containing the\nOAuth2 client's ID."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ clientSecret:
+ description: "`clientSecret` specifies a key of a Secret containing the OAuth2\nclient's secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ endpointParams:
+ additionalProperties:
+ type: "string"
+ description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
+ type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
+ scopes:
+ description: "`scopes` defines the OAuth2 scopes used for the token request."
+ items:
+ type: "string"
+ type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
+ tokenUrl:
+ description: "`tokenURL` configures the URL to fetch the token from."
+ minLength: 1
+ type: "string"
+ required:
+ - "clientId"
+ - "clientSecret"
+ - "tokenUrl"
+ type: "object"
openstackSDConfigs:
description: "OpenStackSDConfigs defines a list of OpenStack service discovery configurations."
items:
@@ -4736,11 +6634,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml
index cd36e836e..ddad94e10 100644
--- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml
+++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml
@@ -266,11 +266,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -768,11 +920,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -1137,11 +1441,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -1508,11 +1964,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -1879,11 +2487,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -2317,53 +3077,205 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
- scopes:
- description: "`scopes` defines the OAuth2 scopes used for the token request."
- items:
- type: "string"
- type: "array"
- tokenUrl:
- description: "`tokenURL` configures the URL to fetch the token from."
- minLength: 1
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
type: "string"
- required:
- - "clientId"
- - "clientSecret"
- - "tokenUrl"
- type: "object"
- proxyURL:
- description: "Optional proxy URL."
- type: "string"
- tlsConfig:
- description: "TLS configuration for the client."
- properties:
- ca:
- description: "Certificate authority used when verifying server certificates."
- properties:
- configMap:
- description: "ConfigMap containing data to use for the targets."
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
properties:
key:
- description: "The key to select."
+ description: "The key of the secret to select from. Must be a valid secret key."
type: "string"
name:
default: ""
description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
optional:
- description: "Specify whether the ConfigMap or its key must be defined"
+ description: "Specify whether the Secret or its key must be defined"
type: "boolean"
required:
- "key"
type: "object"
x-kubernetes-map-type: "atomic"
- secret:
- description: "Secret containing data to use for the targets."
- properties:
- key:
- description: "The key of the secret to select from. Must be a valid secret key."
- type: "string"
- name:
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
+ scopes:
+ description: "`scopes` defines the OAuth2 scopes used for the token request."
+ items:
+ type: "string"
+ type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
+ tokenUrl:
+ description: "`tokenURL` configures the URL to fetch the token from."
+ minLength: 1
+ type: "string"
+ required:
+ - "clientId"
+ - "clientSecret"
+ - "tokenUrl"
+ type: "object"
+ proxyURL:
+ description: "Optional proxy URL."
+ type: "string"
+ tlsConfig:
+ description: "TLS configuration for the client."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
default: ""
description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
type: "string"
@@ -2644,11 +3556,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -3027,11 +4091,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -3368,11 +4584,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -3677,11 +5045,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -3979,11 +5499,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
@@ -4318,11 +5990,163 @@ spec:
type: "string"
description: "`endpointParams` configures the HTTP parameters to append to the token\nURL."
type: "object"
+ noProxy:
+ description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "string"
+ proxyConnectHeader:
+ additionalProperties:
+ items:
+ description: "SecretKeySelector selects a key of a Secret."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "array"
+ description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ proxyFromEnvironment:
+ description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0."
+ type: "boolean"
+ proxyUrl:
+ description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0."
+ pattern: "^http(s)?://.+$"
+ type: "string"
scopes:
description: "`scopes` defines the OAuth2 scopes used for the token request."
items:
type: "string"
type: "array"
+ tlsConfig:
+ description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0."
+ properties:
+ ca:
+ description: "Certificate authority used when verifying server certificates."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ cert:
+ description: "Client certificate to present when doing client-authentication."
+ properties:
+ configMap:
+ description: "ConfigMap containing data to use for the targets."
+ properties:
+ key:
+ description: "The key to select."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the ConfigMap or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ secret:
+ description: "Secret containing data to use for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ type: "object"
+ insecureSkipVerify:
+ description: "Disable target certificate validation."
+ type: "boolean"
+ keySecret:
+ description: "Secret containing the client key file for the targets."
+ properties:
+ key:
+ description: "The key of the secret to select from. Must be a valid secret key."
+ type: "string"
+ name:
+ default: ""
+ description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896."
+ type: "string"
+ optional:
+ description: "Specify whether the Secret or its key must be defined"
+ type: "boolean"
+ required:
+ - "key"
+ type: "object"
+ x-kubernetes-map-type: "atomic"
+ maxVersion:
+ description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ minVersion:
+ description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0."
+ enum:
+ - "TLS10"
+ - "TLS11"
+ - "TLS12"
+ - "TLS13"
+ type: "string"
+ serverName:
+ description: "Used to verify the hostname for the targets."
+ type: "string"
+ type: "object"
tokenUrl:
description: "`tokenURL` configures the URL to fetch the token from."
minLength: 1
diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml
index 85dbd7da3..3fe005d77 100644
--- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml
+++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml
@@ -47,6 +47,41 @@ spec:
items:
type: "string"
type: "array"
+ auth:
+ description: "The authentication configuration"
+ properties:
+ keystone:
+ description: "The spec for Keystone"
+ nullable: true
+ properties:
+ acceptedRoles:
+ description: "The roles requires to serve requests."
+ items:
+ type: "string"
+ type: "array"
+ implicitTenants:
+ description: "Create new users in their own tenants of the same name. Possible values are true, false, swift and s3. The latter have the effect of splitting the identity space such that only the indicated protocol will use implicit tenants."
+ type: "string"
+ revocationInterval:
+ description: "The number of seconds between token revocation checks."
+ nullable: true
+ type: "integer"
+ serviceUserSecretName:
+ description: "The name of the secret containing the credentials for the service user account used by RGW. It has to be in the same namespace as the object store resource."
+ type: "string"
+ tokenCacheSize:
+ description: "The maximum number of entries in each Keystone token cache."
+ nullable: true
+ type: "integer"
+ url:
+ description: "The URL for the Keystone server."
+ type: "string"
+ required:
+ - "acceptedRoles"
+ - "serviceUserSecretName"
+ - "url"
+ type: "object"
+ type: "object"
dataPool:
description: "The data pool settings"
nullable: true
@@ -1280,6 +1315,40 @@ spec:
preservePoolsOnDelete:
description: "Preserve pools on object store deletion"
type: "boolean"
+ protocols:
+ description: "The protocol specification"
+ properties:
+ s3:
+ description: "The spec for S3"
+ nullable: true
+ properties:
+ authUseKeystone:
+ description: "Whether to use Keystone for authentication. This option maps directly to the rgw_s3_auth_use_keystone option. Enabling it allows generating S3 credentials via an OpenStack API call, see the docs. If not given, the defaults of the corresponding RGW option apply."
+ nullable: true
+ type: "boolean"
+ enabled:
+ description: "Whether to enable S3. This defaults to true (even if protocols.s3 is not present in the CRD). This maintains backwards compatibility – by default S3 is enabled."
+ nullable: true
+ type: "boolean"
+ type: "object"
+ swift:
+ description: "The spec for Swift"
+ nullable: true
+ properties:
+ accountInUrl:
+ description: "Whether or not the Swift account name should be included in the Swift API URL. If set to false (the default), then the Swift API will listen on a URL formed like http://host:port//v1. If set to true, the Swift API URL will be http://host:port//v1/AUTH_. You must set this option to true (and update the Keystone service catalog) if you want radosgw to support publicly-readable containers and temporary URLs."
+ nullable: true
+ type: "boolean"
+ urlPrefix:
+ description: "The URL prefix for the Swift API, to distinguish it from the S3 API endpoint. The default is swift, which makes the Swift API available at the URL http://host:port/swift/v1 (or http://host:port/swift/v1/AUTH_%(tenant_id)s if rgw swift account in url is enabled)."
+ nullable: true
+ type: "string"
+ versioningEnabled:
+ description: "Enables the Object Versioning of OpenStack Object Storage API. This allows clients to put the X-Versions-Location attribute on containers that should be versioned."
+ nullable: true
+ type: "boolean"
+ type: "object"
+ type: "object"
security:
description: "Security represents security settings"
nullable: true
diff --git a/crd-catalog/schemahero/schemahero/databases.schemahero.io/v1alpha4/databases.yaml b/crd-catalog/schemahero/schemahero/databases.schemahero.io/v1alpha4/databases.yaml
index b7a40e011..283bd44e5 100644
--- a/crd-catalog/schemahero/schemahero/databases.schemahero.io/v1alpha4/databases.yaml
+++ b/crd-catalog/schemahero/schemahero/databases.schemahero.io/v1alpha4/databases.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.7.0"
+ controller-gen.kubebuilder.io/version: "v0.14.0"
name: "databases.databases.schemahero.io"
spec:
group: "databases.schemahero.io"
@@ -31,10 +31,10 @@ spec:
description: "Database is the Schema for the databases API"
properties:
apiVersion:
- description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
+ description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
type: "string"
kind:
- description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
metadata:
type: "object"
@@ -3612,9 +3612,3 @@ spec:
storage: true
subresources:
status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/datatypes.yaml b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/datatypes.yaml
index ebc34e0a6..ab6fa2555 100644
--- a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/datatypes.yaml
+++ b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/datatypes.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.7.0"
+ controller-gen.kubebuilder.io/version: "v0.14.0"
name: "datatypes.schemas.schemahero.io"
spec:
group: "schemas.schemahero.io"
@@ -19,10 +19,10 @@ spec:
description: "DataType is the Schema for the datatypes API"
properties:
apiVersion:
- description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
+ description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
type: "string"
kind:
- description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
metadata:
type: "object"
@@ -63,9 +63,3 @@ spec:
type: "object"
served: true
storage: true
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/migrations.yaml b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/migrations.yaml
index 0b89f83d9..75ee9f923 100644
--- a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/migrations.yaml
+++ b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/migrations.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.7.0"
+ controller-gen.kubebuilder.io/version: "v0.14.0"
name: "migrations.schemas.schemahero.io"
spec:
group: "schemas.schemahero.io"
@@ -36,10 +36,10 @@ spec:
description: "Migration is the Schema for the migrations API"
properties:
apiVersion:
- description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
+ description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
type: "string"
kind:
- description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
metadata:
type: "object"
@@ -93,9 +93,3 @@ spec:
served: true
storage: true
subresources: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/tables.yaml b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/tables.yaml
index c65763fb6..87e79d058 100644
--- a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/tables.yaml
+++ b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/tables.yaml
@@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1"
kind: "CustomResourceDefinition"
metadata:
annotations:
- controller-gen.kubebuilder.io/version: "v0.7.0"
+ controller-gen.kubebuilder.io/version: "v0.14.0"
name: "tables.schemas.schemahero.io"
spec:
group: "schemas.schemahero.io"
@@ -33,10 +33,10 @@ spec:
description: "Table is the Schema for the tables API"
properties:
apiVersion:
- description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
+ description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
type: "string"
kind:
- description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
+ description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
type: "string"
metadata:
type: "object"
@@ -774,16 +774,10 @@ spec:
description: "TableStatus defines the observed state of Table"
properties:
lastPlannedTableSpecSHA:
- description: "We store the SHA of the table spec from the last time we executed a plan to make startup less noisy by skipping re-planning objects that have been planned we cannot use the resourceVersion or generation fields because updating them would cause the object to be modified again"
+ description: "We store the SHA of the table spec from the last time we executed a plan to\nmake startup less noisy by skipping re-planning objects that have been planned\nwe cannot use the resourceVersion or generation fields because updating them\nwould cause the object to be modified again"
type: "string"
type: "object"
type: "object"
served: true
storage: true
subresources: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/gateways.yaml b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/gateways.yaml
index 7ff92b55d..e3795741d 100644
--- a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/gateways.yaml
+++ b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/gateways.yaml
@@ -366,6 +366,9 @@ spec:
items:
type: "string"
type: "array"
+ oneWayTls:
+ nullable: true
+ type: "boolean"
parameters:
properties:
cipherSuites:
@@ -2291,6 +2294,9 @@ spec:
items:
type: "string"
type: "array"
+ oneWayTls:
+ nullable: true
+ type: "boolean"
parameters:
properties:
cipherSuites:
diff --git a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/httpgateways.yaml b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/httpgateways.yaml
index 620730eea..8d7ef0fc8 100644
--- a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/httpgateways.yaml
+++ b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/httpgateways.yaml
@@ -360,6 +360,9 @@ spec:
items:
type: "string"
type: "array"
+ oneWayTls:
+ nullable: true
+ type: "boolean"
parameters:
properties:
cipherSuites:
diff --git a/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreams.yaml b/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreams.yaml
index 5b96c2406..f236e53d7 100644
--- a/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreams.yaml
+++ b/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreams.yaml
@@ -565,6 +565,9 @@ spec:
items:
type: "string"
type: "array"
+ oneWayTls:
+ nullable: true
+ type: "boolean"
parameters:
properties:
cipherSuites:
@@ -860,6 +863,9 @@ spec:
items:
type: "string"
type: "array"
+ oneWayTls:
+ nullable: true
+ type: "boolean"
parameters:
properties:
cipherSuites:
@@ -1531,6 +1537,9 @@ spec:
items:
type: "string"
type: "array"
+ oneWayTls:
+ nullable: true
+ type: "boolean"
parameters:
properties:
cipherSuites:
diff --git a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/middlewares.yaml b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/middlewares.yaml
index 145ce1a54..64244cdbe 100644
--- a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/middlewares.yaml
+++ b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/middlewares.yaml
@@ -123,11 +123,16 @@ spec:
type: "integer"
type: "object"
compress:
- description: "Compress holds the compress middleware configuration.\nThis middleware compresses responses before sending them to the client, using gzip compression.\nMore info: https://doc.traefik.io/traefik/v3.1/middlewares/http/compress/"
+ description: "Compress holds the compress middleware configuration.\nThis middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression.\nMore info: https://doc.traefik.io/traefik/v3.1/middlewares/http/compress/"
properties:
defaultEncoding:
description: "DefaultEncoding specifies the default encoding if the `Accept-Encoding` header is not in the request or contains a wildcard (`*`)."
type: "string"
+ encodings:
+ description: "Encodings defines the list of supported compression algorithms."
+ items:
+ type: "string"
+ type: "array"
excludedContentTypes:
description: "ExcludedContentTypes defines the list of content types to compare the Content-Type header of the incoming requests and responses before compressing.\n`application/grpc` is always excluded."
items:
diff --git a/kube-custom-resources-rs/src/acme_cert_manager_io/v1/challenges.rs b/kube-custom-resources-rs/src/acme_cert_manager_io/v1/challenges.rs
index 7866f6edb..eaa713d5f 100644
--- a/kube-custom-resources-rs/src/acme_cert_manager_io/v1/challenges.rs
+++ b/kube-custom-resources-rs/src/acme_cert_manager_io/v1/challenges.rs
@@ -614,151 +614,1092 @@ pub struct ChallengeSolverHttp01GatewayHttpRoute {
/// https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways
#[serde(default, skip_serializing_if = "Option::is_none", rename = "parentRefs")]
pub parent_refs: Option>,
+ /// Optional pod template used to configure the ACME challenge solver pods
+ /// used for HTTP01 challenges.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "podTemplate")]
+ pub pod_template: Option,
/// Optional service type for Kubernetes solver service. Supported values
/// are NodePort or ClusterIP. If unset, defaults to NodePort.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceType")]
pub service_type: Option,
}
-/// ParentReference identifies an API object (usually a Gateway) that can be considered
-/// a parent of this resource (usually a route). There are two kinds of parent resources
-/// with "Core" support:
-///
-///
-/// * Gateway (Gateway conformance profile)
-/// * Service (Mesh conformance profile, ClusterIP Services only)
-///
-///
-/// This API may be extended in the future to support additional kinds of parent
-/// resources.
-///
-///
-/// The API object must be valid in the cluster; the Group and Kind must
-/// be registered in the cluster for this reference to be valid.
+/// ParentReference identifies an API object (usually a Gateway) that can be considered
+/// a parent of this resource (usually a route). There are two kinds of parent resources
+/// with "Core" support:
+///
+///
+/// * Gateway (Gateway conformance profile)
+/// * Service (Mesh conformance profile, ClusterIP Services only)
+///
+///
+/// This API may be extended in the future to support additional kinds of parent
+/// resources.
+///
+///
+/// The API object must be valid in the cluster; the Group and Kind must
+/// be registered in the cluster for this reference to be valid.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRouteParentRefs {
+ /// Group is the group of the referent.
+ /// When unspecified, "gateway.networking.k8s.io" is inferred.
+ /// To set the core API group (such as for a "Service" kind referent),
+ /// Group must be explicitly set to "" (empty string).
+ ///
+ ///
+ /// Support: Core
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub group: Option,
+ /// Kind is kind of the referent.
+ ///
+ ///
+ /// There are two kinds of parent resources with "Core" support:
+ ///
+ ///
+ /// * Gateway (Gateway conformance profile)
+ /// * Service (Mesh conformance profile, ClusterIP Services only)
+ ///
+ ///
+ /// Support for other resources is Implementation-Specific.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub kind: Option,
+ /// Name is the name of the referent.
+ ///
+ ///
+ /// Support: Core
+ pub name: String,
+ /// Namespace is the namespace of the referent. When unspecified, this refers
+ /// to the local namespace of the Route.
+ ///
+ ///
+ /// Note that there are specific rules for ParentRefs which cross namespace
+ /// boundaries. Cross-namespace references are only valid if they are explicitly
+ /// allowed by something in the namespace they are referring to. For example:
+ /// Gateway has the AllowedRoutes field, and ReferenceGrant provides a
+ /// generic way to enable any other kind of cross-namespace reference.
+ ///
+ ///
+ ///
+ /// ParentRefs from a Route to a Service in the same namespace are "producer"
+ /// routes, which apply default routing rules to inbound connections from
+ /// any namespace to the Service.
+ ///
+ ///
+ /// ParentRefs from a Route to a Service in a different namespace are
+ /// "consumer" routes, and these routing rules are only applied to outbound
+ /// connections originating from the same namespace as the Route, for which
+ /// the intended destination of the connections are a Service targeted as a
+ /// ParentRef of the Route.
+ ///
+ ///
+ ///
+ /// Support: Core
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub namespace: Option,
+ /// Port is the network port this Route targets. It can be interpreted
+ /// differently based on the type of parent resource.
+ ///
+ ///
+ /// When the parent resource is a Gateway, this targets all listeners
+ /// listening on the specified port that also support this kind of Route(and
+ /// select this Route). It's not recommended to set `Port` unless the
+ /// networking behaviors specified in a Route must apply to a specific port
+ /// as opposed to a listener(s) whose port(s) may be changed. When both Port
+ /// and SectionName are specified, the name and port of the selected listener
+ /// must match both specified values.
+ ///
+ ///
+ ///
+ /// When the parent resource is a Service, this targets a specific port in the
+ /// Service spec. When both Port (experimental) and SectionName are specified,
+ /// the name and port of the selected port must match both specified values.
+ ///
+ ///
+ ///
+ /// Implementations MAY choose to support other parent resources.
+ /// Implementations supporting other types of parent resources MUST clearly
+ /// document how/if Port is interpreted.
+ ///
+ ///
+ /// For the purpose of status, an attachment is considered successful as
+ /// long as the parent resource accepts it partially. For example, Gateway
+ /// listeners can restrict which Routes can attach to them by Route kind,
+ /// namespace, or hostname. If 1 of 2 Gateway listeners accept attachment
+ /// from the referencing Route, the Route MUST be considered successfully
+ /// attached. If no Gateway listeners accept attachment from this Route,
+ /// the Route MUST be considered detached from the Gateway.
+ ///
+ ///
+ /// Support: Extended
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub port: Option,
+ /// SectionName is the name of a section within the target resource. In the
+ /// following resources, SectionName is interpreted as the following:
+ ///
+ ///
+ /// * Gateway: Listener name. When both Port (experimental) and SectionName
+ /// are specified, the name and port of the selected listener must match
+ /// both specified values.
+ /// * Service: Port name. When both Port (experimental) and SectionName
+ /// are specified, the name and port of the selected listener must match
+ /// both specified values.
+ ///
+ ///
+ /// Implementations MAY choose to support attaching Routes to other resources.
+ /// If that is the case, they MUST clearly document how SectionName is
+ /// interpreted.
+ ///
+ ///
+ /// When unspecified (empty string), this will reference the entire resource.
+ /// For the purpose of status, an attachment is considered successful if at
+ /// least one section in the parent resource accepts it. For example, Gateway
+ /// listeners can restrict which Routes can attach to them by Route kind,
+ /// namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from
+ /// the referencing Route, the Route MUST be considered successfully
+ /// attached. If no Gateway listeners accept attachment from this Route, the
+ /// Route MUST be considered detached from the Gateway.
+ ///
+ ///
+ /// Support: Core
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "sectionName")]
+ pub section_name: Option,
+}
+
+/// Optional pod template used to configure the ACME challenge solver pods
+/// used for HTTP01 challenges.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplate {
+ /// ObjectMeta overrides for the pod used to solve HTTP01 challenges.
+ /// Only the 'labels' and 'annotations' fields may be set.
+ /// If labels or annotations overlap with in-built values, the values here
+ /// will override the in-built values.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub metadata: Option,
+ /// PodSpec defines overrides for the HTTP01 challenge solver pod.
+ /// Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields.
+ /// All other fields will be ignored.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub spec: Option,
+}
+
+/// ObjectMeta overrides for the pod used to solve HTTP01 challenges.
+/// Only the 'labels' and 'annotations' fields may be set.
+/// If labels or annotations overlap with in-built values, the values here
+/// will override the in-built values.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateMetadata {
+ /// Annotations that should be added to the create ACME HTTP01 solver pods.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub annotations: Option>,
+ /// Labels that should be added to the created ACME HTTP01 solver pods.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub labels: Option>,
+}
+
+/// PodSpec defines overrides for the HTTP01 challenge solver pod.
+/// Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields.
+/// All other fields will be ignored.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpec {
+ /// If specified, the pod's scheduling constraints
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub affinity: Option,
+ /// If specified, the pod's imagePullSecrets
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")]
+ pub image_pull_secrets: Option>,
+ /// NodeSelector is a selector which must be true for the pod to fit on a node.
+ /// Selector which must match a node's labels for the pod to be scheduled on that node.
+ /// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")]
+ pub node_selector: Option>,
+ /// If specified, the pod's priorityClassName.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")]
+ pub priority_class_name: Option,
+ /// If specified, the pod's security context
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")]
+ pub security_context: Option,
+ /// If specified, the pod's service account
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")]
+ pub service_account_name: Option,
+ /// If specified, the pod's tolerations.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub tolerations: Option>,
+}
+
+/// If specified, the pod's scheduling constraints
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinity {
+ /// Describes node affinity scheduling rules for the pod.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")]
+ pub node_affinity: Option,
+ /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")]
+ pub pod_affinity: Option,
+ /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")]
+ pub pod_anti_affinity: Option,
+}
+
+/// Describes node affinity scheduling rules for the pod.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinity {
+ /// The scheduler will prefer to schedule pods to nodes that satisfy
+ /// the affinity expressions specified by this field, but it may choose
+ /// a node that violates one or more of the expressions. The node that is
+ /// most preferred is the one with the greatest sum of weights, i.e.
+ /// for each node that meets all of the scheduling requirements (resource
+ /// request, requiredDuringScheduling affinity expressions, etc.),
+ /// compute a sum by iterating through the elements of this field and adding
+ /// "weight" to the sum if the node matches the corresponding matchExpressions; the
+ /// node(s) with the highest sum are the most preferred.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")]
+ pub preferred_during_scheduling_ignored_during_execution: Option>,
+ /// If the affinity requirements specified by this field are not met at
+ /// scheduling time, the pod will not be scheduled onto the node.
+ /// If the affinity requirements specified by this field cease to be met
+ /// at some point during pod execution (e.g. due to an update), the system
+ /// may or may not try to eventually evict the pod from its node.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")]
+ pub required_during_scheduling_ignored_during_execution: Option,
+}
+
+/// An empty preferred scheduling term matches all objects with implicit weight 0
+/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution {
+ /// A node selector term, associated with the corresponding weight.
+ pub preference: ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference,
+ /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
+ pub weight: i32,
+}
+
+/// A node selector term, associated with the corresponding weight.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference {
+ /// A list of node selector requirements by node's labels.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")]
+ pub match_expressions: Option>,
+ /// A list of node selector requirements by node's fields.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")]
+ pub match_fields: Option>,
+}
+
+/// A node selector requirement is a selector that contains values, a key, and an operator
+/// that relates the key and values.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions {
+ /// The label key that the selector applies to.
+ pub key: String,
+ /// Represents a key's relationship to a set of values.
+ /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
+ pub operator: String,
+ /// An array of string values. If the operator is In or NotIn,
+ /// the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ /// the values array must be empty. If the operator is Gt or Lt, the values
+ /// array must have a single element, which will be interpreted as an integer.
+ /// This array is replaced during a strategic merge patch.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub values: Option>,
+}
+
+/// A node selector requirement is a selector that contains values, a key, and an operator
+/// that relates the key and values.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields {
+ /// The label key that the selector applies to.
+ pub key: String,
+ /// Represents a key's relationship to a set of values.
+ /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
+ pub operator: String,
+ /// An array of string values. If the operator is In or NotIn,
+ /// the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ /// the values array must be empty. If the operator is Gt or Lt, the values
+ /// array must have a single element, which will be interpreted as an integer.
+ /// This array is replaced during a strategic merge patch.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub values: Option>,
+}
+
+/// If the affinity requirements specified by this field are not met at
+/// scheduling time, the pod will not be scheduled onto the node.
+/// If the affinity requirements specified by this field cease to be met
+/// at some point during pod execution (e.g. due to an update), the system
+/// may or may not try to eventually evict the pod from its node.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution {
+ /// Required. A list of node selector terms. The terms are ORed.
+ #[serde(rename = "nodeSelectorTerms")]
+ pub node_selector_terms: Vec,
+}
+
+/// A null or empty node selector term matches no objects. The requirements of
+/// them are ANDed.
+/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms {
+ /// A list of node selector requirements by node's labels.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")]
+ pub match_expressions: Option>,
+ /// A list of node selector requirements by node's fields.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")]
+ pub match_fields: Option>,
+}
+
+/// A node selector requirement is a selector that contains values, a key, and an operator
+/// that relates the key and values.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions {
+ /// The label key that the selector applies to.
+ pub key: String,
+ /// Represents a key's relationship to a set of values.
+ /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
+ pub operator: String,
+ /// An array of string values. If the operator is In or NotIn,
+ /// the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ /// the values array must be empty. If the operator is Gt or Lt, the values
+ /// array must have a single element, which will be interpreted as an integer.
+ /// This array is replaced during a strategic merge patch.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub values: Option>,
+}
+
+/// A node selector requirement is a selector that contains values, a key, and an operator
+/// that relates the key and values.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields {
+ /// The label key that the selector applies to.
+ pub key: String,
+ /// Represents a key's relationship to a set of values.
+ /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
+ pub operator: String,
+ /// An array of string values. If the operator is In or NotIn,
+ /// the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ /// the values array must be empty. If the operator is Gt or Lt, the values
+ /// array must have a single element, which will be interpreted as an integer.
+ /// This array is replaced during a strategic merge patch.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub values: Option>,
+}
+
+/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinity {
+ /// The scheduler will prefer to schedule pods to nodes that satisfy
+ /// the affinity expressions specified by this field, but it may choose
+ /// a node that violates one or more of the expressions. The node that is
+ /// most preferred is the one with the greatest sum of weights, i.e.
+ /// for each node that meets all of the scheduling requirements (resource
+ /// request, requiredDuringScheduling affinity expressions, etc.),
+ /// compute a sum by iterating through the elements of this field and adding
+ /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
+ /// node(s) with the highest sum are the most preferred.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")]
+ pub preferred_during_scheduling_ignored_during_execution: Option>,
+ /// If the affinity requirements specified by this field are not met at
+ /// scheduling time, the pod will not be scheduled onto the node.
+ /// If the affinity requirements specified by this field cease to be met
+ /// at some point during pod execution (e.g. due to a pod label update), the
+ /// system may or may not try to eventually evict the pod from its node.
+ /// When there are multiple elements, the lists of nodes corresponding to each
+ /// podAffinityTerm are intersected, i.e. all terms must be satisfied.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")]
+ pub required_during_scheduling_ignored_during_execution: Option>,
+}
+
+/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution {
+ /// Required. A pod affinity term, associated with the corresponding weight.
+ #[serde(rename = "podAffinityTerm")]
+ pub pod_affinity_term: ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm,
+ /// weight associated with matching the corresponding podAffinityTerm,
+ /// in the range 1-100.
+ pub weight: i32,
+}
+
+/// Required. A pod affinity term, associated with the corresponding weight.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm {
+ /// A label query over a set of resources, in this case pods.
+ /// If it's null, this PodAffinityTerm matches with no Pods.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")]
+ pub label_selector: Option,
+ /// MatchLabelKeys is a set of pod label keys to select which pods will
+ /// be taken into consideration. The keys are used to lookup values from the
+ /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
+ /// to select the group of existing pods which pods will be taken into consideration
+ /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
+ /// pod labels will be ignored. The default value is empty.
+ /// The same key is forbidden to exist in both matchLabelKeys and labelSelector.
+ /// Also, matchLabelKeys cannot be set when labelSelector isn't set.
+ /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")]
+ pub match_label_keys: Option>,
+ /// MismatchLabelKeys is a set of pod label keys to select which pods will
+ /// be taken into consideration. The keys are used to lookup values from the
+ /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
+ /// to select the group of existing pods which pods will be taken into consideration
+ /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
+ /// pod labels will be ignored. The default value is empty.
+ /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
+ /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
+ /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")]
+ pub mismatch_label_keys: Option>,
+ /// A label query over the set of namespaces that the term applies to.
+ /// The term is applied to the union of the namespaces selected by this field
+ /// and the ones listed in the namespaces field.
+ /// null selector and null or empty namespaces list means "this pod's namespace".
+ /// An empty selector ({}) matches all namespaces.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")]
+ pub namespace_selector: Option,
+ /// namespaces specifies a static list of namespace names that the term applies to.
+ /// The term is applied to the union of the namespaces listed in this field
+ /// and the ones selected by namespaceSelector.
+ /// null or empty namespaces list and null namespaceSelector means "this pod's namespace".
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub namespaces: Option>,
+ /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
+ /// the labelSelector in the specified namespaces, where co-located is defined as running on a node
+ /// whose value of the label with key topologyKey matches that of any node on which any of the
+ /// selected pods is running.
+ /// Empty topologyKey is not allowed.
+ #[serde(rename = "topologyKey")]
+ pub topology_key: String,
+}
+
+/// A label query over a set of resources, in this case pods.
+/// If it's null, this PodAffinityTerm matches with no Pods.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector {
+ /// matchExpressions is a list of label selector requirements. The requirements are ANDed.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")]
+ pub match_expressions: Option>,
+ /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ /// map is equivalent to an element of matchExpressions, whose key field is "key", the
+ /// operator is "In", and the values array contains only "value". The requirements are ANDed.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")]
+ pub match_labels: Option>,
+}
+
+/// A label selector requirement is a selector that contains values, a key, and an operator that
+/// relates the key and values.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions {
+ /// key is the label key that the selector applies to.
+ pub key: String,
+ /// operator represents a key's relationship to a set of values.
+ /// Valid operators are In, NotIn, Exists and DoesNotExist.
+ pub operator: String,
+ /// values is an array of string values. If the operator is In or NotIn,
+ /// the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ /// the values array must be empty. This array is replaced during a strategic
+ /// merge patch.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub values: Option>,
+}
+
+/// A label query over the set of namespaces that the term applies to.
+/// The term is applied to the union of the namespaces selected by this field
+/// and the ones listed in the namespaces field.
+/// null selector and null or empty namespaces list means "this pod's namespace".
+/// An empty selector ({}) matches all namespaces.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector {
+ /// matchExpressions is a list of label selector requirements. The requirements are ANDed.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")]
+ pub match_expressions: Option>,
+ /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ /// map is equivalent to an element of matchExpressions, whose key field is "key", the
+ /// operator is "In", and the values array contains only "value". The requirements are ANDed.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")]
+ pub match_labels: Option>,
+}
+
+/// A label selector requirement is a selector that contains values, a key, and an operator that
+/// relates the key and values.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions {
+ /// key is the label key that the selector applies to.
+ pub key: String,
+ /// operator represents a key's relationship to a set of values.
+ /// Valid operators are In, NotIn, Exists and DoesNotExist.
+ pub operator: String,
+ /// values is an array of string values. If the operator is In or NotIn,
+ /// the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ /// the values array must be empty. This array is replaced during a strategic
+ /// merge patch.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub values: Option>,
+}
+
+/// Defines a set of pods (namely those matching the labelSelector
+/// relative to the given namespace(s)) that this pod should be
+/// co-located (affinity) or not co-located (anti-affinity) with,
+/// where co-located is defined as running on a node whose value of
+/// the label with key matches that of any node on which
+/// a pod of the set of pods is running
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution {
+ /// A label query over a set of resources, in this case pods.
+ /// If it's null, this PodAffinityTerm matches with no Pods.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")]
+ pub label_selector: Option,
+ /// MatchLabelKeys is a set of pod label keys to select which pods will
+ /// be taken into consideration. The keys are used to lookup values from the
+ /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
+ /// to select the group of existing pods which pods will be taken into consideration
+ /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
+ /// pod labels will be ignored. The default value is empty.
+ /// The same key is forbidden to exist in both matchLabelKeys and labelSelector.
+ /// Also, matchLabelKeys cannot be set when labelSelector isn't set.
+ /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")]
+ pub match_label_keys: Option>,
+ /// MismatchLabelKeys is a set of pod label keys to select which pods will
+ /// be taken into consideration. The keys are used to lookup values from the
+ /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
+ /// to select the group of existing pods which pods will be taken into consideration
+ /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
+ /// pod labels will be ignored. The default value is empty.
+ /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
+ /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
+ /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")]
+ pub mismatch_label_keys: Option>,
+ /// A label query over the set of namespaces that the term applies to.
+ /// The term is applied to the union of the namespaces selected by this field
+ /// and the ones listed in the namespaces field.
+ /// null selector and null or empty namespaces list means "this pod's namespace".
+ /// An empty selector ({}) matches all namespaces.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")]
+ pub namespace_selector: Option,
+ /// namespaces specifies a static list of namespace names that the term applies to.
+ /// The term is applied to the union of the namespaces listed in this field
+ /// and the ones selected by namespaceSelector.
+ /// null or empty namespaces list and null namespaceSelector means "this pod's namespace".
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub namespaces: Option>,
+ /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
+ /// the labelSelector in the specified namespaces, where co-located is defined as running on a node
+ /// whose value of the label with key topologyKey matches that of any node on which any of the
+ /// selected pods is running.
+ /// Empty topologyKey is not allowed.
+ #[serde(rename = "topologyKey")]
+ pub topology_key: String,
+}
+
+/// A label query over a set of resources, in this case pods.
+/// If it's null, this PodAffinityTerm matches with no Pods.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector {
+ /// matchExpressions is a list of label selector requirements. The requirements are ANDed.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")]
+ pub match_expressions: Option>,
+ /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ /// map is equivalent to an element of matchExpressions, whose key field is "key", the
+ /// operator is "In", and the values array contains only "value". The requirements are ANDed.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")]
+ pub match_labels: Option>,
+}
+
+/// A label selector requirement is a selector that contains values, a key, and an operator that
+/// relates the key and values.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions {
+ /// key is the label key that the selector applies to.
+ pub key: String,
+ /// operator represents a key's relationship to a set of values.
+ /// Valid operators are In, NotIn, Exists and DoesNotExist.
+ pub operator: String,
+ /// values is an array of string values. If the operator is In or NotIn,
+ /// the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ /// the values array must be empty. This array is replaced during a strategic
+ /// merge patch.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub values: Option>,
+}
+
+/// A label query over the set of namespaces that the term applies to.
+/// The term is applied to the union of the namespaces selected by this field
+/// and the ones listed in the namespaces field.
+/// null selector and null or empty namespaces list means "this pod's namespace".
+/// An empty selector ({}) matches all namespaces.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector {
+ /// matchExpressions is a list of label selector requirements. The requirements are ANDed.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")]
+ pub match_expressions: Option>,
+ /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ /// map is equivalent to an element of matchExpressions, whose key field is "key", the
+ /// operator is "In", and the values array contains only "value". The requirements are ANDed.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")]
+ pub match_labels: Option>,
+}
+
+/// A label selector requirement is a selector that contains values, a key, and an operator that
+/// relates the key and values.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions {
+ /// key is the label key that the selector applies to.
+ pub key: String,
+ /// operator represents a key's relationship to a set of values.
+ /// Valid operators are In, NotIn, Exists and DoesNotExist.
+ pub operator: String,
+ /// values is an array of string values. If the operator is In or NotIn,
+ /// the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ /// the values array must be empty. This array is replaced during a strategic
+ /// merge patch.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub values: Option>,
+}
+
+/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinity {
+ /// The scheduler will prefer to schedule pods to nodes that satisfy
+ /// the anti-affinity expressions specified by this field, but it may choose
+ /// a node that violates one or more of the expressions. The node that is
+ /// most preferred is the one with the greatest sum of weights, i.e.
+ /// for each node that meets all of the scheduling requirements (resource
+ /// request, requiredDuringScheduling anti-affinity expressions, etc.),
+ /// compute a sum by iterating through the elements of this field and adding
+ /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
+ /// node(s) with the highest sum are the most preferred.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")]
+ pub preferred_during_scheduling_ignored_during_execution: Option>,
+ /// If the anti-affinity requirements specified by this field are not met at
+ /// scheduling time, the pod will not be scheduled onto the node.
+ /// If the anti-affinity requirements specified by this field cease to be met
+ /// at some point during pod execution (e.g. due to a pod label update), the
+ /// system may or may not try to eventually evict the pod from its node.
+ /// When there are multiple elements, the lists of nodes corresponding to each
+ /// podAffinityTerm are intersected, i.e. all terms must be satisfied.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")]
+ pub required_during_scheduling_ignored_during_execution: Option>,
+}
+
+/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution {
+ /// Required. A pod affinity term, associated with the corresponding weight.
+ #[serde(rename = "podAffinityTerm")]
+ pub pod_affinity_term: ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm,
+ /// weight associated with matching the corresponding podAffinityTerm,
+ /// in the range 1-100.
+ pub weight: i32,
+}
+
+/// Required. A pod affinity term, associated with the corresponding weight.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm {
+ /// A label query over a set of resources, in this case pods.
+ /// If it's null, this PodAffinityTerm matches with no Pods.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")]
+ pub label_selector: Option