diff --git a/crd-catalog/Kuadrant/limitador-operator/limitador.kuadrant.io/v1alpha1/limitadors.yaml b/crd-catalog/Kuadrant/limitador-operator/limitador.kuadrant.io/v1alpha1/limitadors.yaml
index 0bab127f9..6cce1db10 100644
--- a/crd-catalog/Kuadrant/limitador-operator/limitador.kuadrant.io/v1alpha1/limitadors.yaml
+++ b/crd-catalog/Kuadrant/limitador-operator/limitador.kuadrant.io/v1alpha1/limitadors.yaml
@@ -681,6 +681,11 @@ spec:
- basic
- exhaustive
type: string
+ verbosity:
+ description: Sets the level of verbosity
+ maximum: 4.0
+ minimum: 1.0
+ type: integer
version:
type: string
type: object
diff --git a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmalerts.yaml b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmalerts.yaml
index 00955fa3c..1e2ad7535 100644
--- a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmalerts.yaml
+++ b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmalerts.yaml
@@ -352,7 +352,7 @@ spec:
description: NodeSelector Define which Nodes the Pods are scheduled on.
type: object
notifier:
- description: 'Notifier prometheus alertmanager endpoint spec. Required at least one of notifier or notifiers. e.g. http://127.0.0.1:9093 If specified both notifier and notifiers, notifier will be added as last element to notifiers. only one of notifier options could be chosen: notifierConfigRef or notifiers + notifier'
+ description: 'Notifier prometheus alertmanager endpoint spec. Required at least one of notifier or notifiers when there are alerting rules. e.g. http://127.0.0.1:9093 If specified both notifier and notifiers, notifier will be added as last element to notifiers. only one of notifier options could be chosen: notifierConfigRef or notifiers + notifier'
properties:
OAuth2:
x-kubernetes-preserve-unknown-fields: true
@@ -567,7 +567,7 @@ spec:
type: object
x-kubernetes-map-type: atomic
notifiers:
- description: 'Notifiers prometheus alertmanager endpoints. Required at least one of notifier or notifiers. e.g. http://127.0.0.1:9093 If specified both notifier and notifiers, notifier will be added as last element to notifiers. only one of notifier options could be chosen: notifierConfigRef or notifiers + notifier'
+ description: 'Notifiers prometheus alertmanager endpoints. Required at least one of notifier or notifiers when there are alerting rules. e.g. http://127.0.0.1:9093 If specified both notifier and notifiers, notifier will be added as last element to notifiers. only one of notifier options could be chosen: notifierConfigRef or notifiers + notifier'
items:
description: VMAlertNotifierSpec defines the notifier url for sending information about alerts
properties:
diff --git a/crd-catalog/ansible/awx-operator/awx.ansible.com/v1beta1/awxrestores.yaml b/crd-catalog/ansible/awx-operator/awx.ansible.com/v1beta1/awxrestores.yaml
index 451b6b177..3bb34708d 100644
--- a/crd-catalog/ansible/awx-operator/awx.ansible.com/v1beta1/awxrestores.yaml
+++ b/crd-catalog/ansible/awx-operator/awx.ansible.com/v1beta1/awxrestores.yaml
@@ -58,6 +58,10 @@ spec:
deployment_name:
description: Name of the restored deployment. This should be different from the original deployment name if the original deployment still exists.
type: string
+ force_drop_db:
+ default: false
+ description: Force drop the database before restoring. USE WITH CAUTION!
+ type: boolean
image_pull_policy:
default: IfNotPresent
description: The image pull policy
diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml
index 926d54cca..dcb6c56bc 100644
--- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml
+++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml
@@ -5666,7 +5666,7 @@ spec:
minimum: 0.0
type: integer
numSymbols:
- default: 4
+ default: 0
description: numSymbols defines number of symbols.
format: int32
maximum: 8.0
diff --git a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumendpoints.yaml b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumendpoints.yaml
index ab8f389d8..f8f4b356a 100644
--- a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumendpoints.yaml
+++ b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumendpoints.yaml
@@ -19,25 +19,24 @@ spec:
scope: Namespaced
versions:
- additionalPrinterColumns:
- - description: Cilium endpoint id
- jsonPath: .status.id
- name: Endpoint ID
- type: integer
- - description: Cilium identity id
+ - description: Security Identity
jsonPath: .status.identity.id
- name: Identity ID
+ name: Security Identity
type: integer
- description: Ingress enforcement in the endpoint
jsonPath: .status.policy.ingress.state
name: Ingress Enforcement
+ priority: 1
type: string
- description: Egress enforcement in the endpoint
jsonPath: .status.policy.egress.state
name: Egress Enforcement
+ priority: 1
type: string
- description: Status of visibility policy in the endpoint
jsonPath: .status.visibility-policy-status
name: Visibility Policy
+ priority: 1
type: string
- description: Endpoint current state
jsonPath: .status.state
diff --git a/crd-catalog/clastix/capsule/capsule.clastix.io/v1beta1/tenants.yaml b/crd-catalog/clastix/capsule/capsule.clastix.io/v1beta1/tenants.yaml
index a61488e17..f52148f40 100644
--- a/crd-catalog/clastix/capsule/capsule.clastix.io/v1beta1/tenants.yaml
+++ b/crd-catalog/clastix/capsule/capsule.clastix.io/v1beta1/tenants.yaml
@@ -657,6 +657,26 @@ spec:
required:
- allowed
type: object
+ forbiddenAnnotations:
+ description: Define the annotations that a Tenant Owner cannot set for their Service resources.
+ properties:
+ denied:
+ items:
+ type: string
+ type: array
+ deniedRegex:
+ type: string
+ type: object
+ forbiddenLabels:
+ description: Define the labels that a Tenant Owner cannot set for their Service resources.
+ properties:
+ denied:
+ items:
+ type: string
+ type: array
+ deniedRegex:
+ type: string
+ type: object
type: object
storageClasses:
description: Specifies the allowed StorageClasses assigned to the Tenant. Capsule assures that all PersistentVolumeClaim resources created in the Tenant can use only one of the allowed StorageClasses. Optional.
diff --git a/crd-catalog/clastix/capsule/capsule.clastix.io/v1beta2/tenants.yaml b/crd-catalog/clastix/capsule/capsule.clastix.io/v1beta2/tenants.yaml
index c133af858..e79bfced3 100644
--- a/crd-catalog/clastix/capsule/capsule.clastix.io/v1beta2/tenants.yaml
+++ b/crd-catalog/clastix/capsule/capsule.clastix.io/v1beta2/tenants.yaml
@@ -612,6 +612,22 @@ spec:
- name
type: object
type: array
+ podOptions:
+ description: Specifies options for the Pods deployed in the Tenant namespaces, such as additional metadata.
+ properties:
+ additionalMetadata:
+ description: Specifies additional labels and annotations the Capsule operator places on any Pod resource in the Tenant. Optional.
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ type: object
preventDeletion:
description: Prevent accidental deletion of the Tenant. When enabled, the deletion request will be declined.
type: boolean
@@ -791,6 +807,26 @@ spec:
required:
- allowed
type: object
+ forbiddenAnnotations:
+ description: Define the annotations that a Tenant Owner cannot set for their Service resources.
+ properties:
+ denied:
+ items:
+ type: string
+ type: array
+ deniedRegex:
+ type: string
+ type: object
+ forbiddenLabels:
+ description: Define the labels that a Tenant Owner cannot set for their Service resources.
+ properties:
+ denied:
+ items:
+ type: string
+ type: array
+ deniedRegex:
+ type: string
+ type: object
type: object
storageClasses:
description: Specifies the allowed StorageClasses assigned to the Tenant. Capsule assures that all PersistentVolumeClaim resources created in the Tenant can use only one of the allowed StorageClasses. A default value can be specified, and all the PersistentVolumeClaim resources created will inherit the declared class. Optional.
diff --git a/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/clusters.yaml b/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/clusters.yaml
index 80d3c0f76..41db5f597 100644
--- a/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/clusters.yaml
+++ b/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/clusters.yaml
@@ -2634,8 +2634,14 @@ spec:
type: string
type: array
firstRecoverabilityPoint:
- description: The first recoverability point, stored as a date in RFC3339 format
+ description: The first recoverability point, stored as a date in RFC3339 format. This field is calculated from the content of FirstRecoverabilityPointByMethod
type: string
+ firstRecoverabilityPointByMethod:
+ additionalProperties:
+ format: date-time
+ type: string
+ description: The first recoverability point, stored as a date in RFC3339 format, per backup method type
+ type: object
healthyPVC:
description: List of all the PVCs not dangling nor initializing
items:
@@ -2684,8 +2690,14 @@ spec:
description: Stored as a date in RFC3339 format
type: string
lastSuccessfulBackup:
- description: Stored as a date in RFC3339 format
+ description: Last successful backup, stored as a date in RFC3339 format This field is calculated from the content of LastSuccessfulBackupByMethod
type: string
+ lastSuccessfulBackupByMethod:
+ additionalProperties:
+ format: date-time
+ type: string
+ description: Last successful backup, stored as a date in RFC3339 format, per backup method type
+ type: object
latestGeneratedNode:
description: ID of the latest generated node (used to avoid node name clashing)
type: integer
diff --git a/crd-catalog/flanksource/canary-checker/canaries.flanksource.com/v1/canaries.yaml b/crd-catalog/flanksource/canary-checker/canaries.flanksource.com/v1/canaries.yaml
index 7464b6a7d..42f0b554c 100644
--- a/crd-catalog/flanksource/canary-checker/canaries.flanksource.com/v1/canaries.yaml
+++ b/crd-catalog/flanksource/canary-checker/canaries.flanksource.com/v1/canaries.yaml
@@ -2147,6 +2147,17 @@ spec:
exec:
items:
properties:
+ artifacts:
+ description: Artifacts configure the artifacts generated by the check
+ items:
+ properties:
+ path:
+ description: 'Path to the artifact on the check runner. Special paths: /dev/stdout & /dev/stdin'
+ type: string
+ required:
+ - path
+ type: object
+ type: array
checkout:
description: Checkout details the git repository that should be mounted to the process
properties:
@@ -3643,6 +3654,17 @@ spec:
junit:
items:
properties:
+ artifacts:
+ description: Artifacts configure the artifacts generated by the check
+ items:
+ properties:
+ path:
+ description: 'Path to the artifact on the check runner. Special paths: /dev/stdout & /dev/stdin'
+ type: string
+ required:
+ - path
+ type: object
+ type: array
description:
description: Description for the check
type: string
diff --git a/crd-catalog/fluid-cloudnative/fluid/data.fluid.io/v1alpha1/dataloads.yaml b/crd-catalog/fluid-cloudnative/fluid/data.fluid.io/v1alpha1/dataloads.yaml
index 7f6e8beea..6dc25c861 100644
--- a/crd-catalog/fluid-cloudnative/fluid/data.fluid.io/v1alpha1/dataloads.yaml
+++ b/crd-catalog/fluid-cloudnative/fluid/data.fluid.io/v1alpha1/dataloads.yaml
@@ -554,6 +554,28 @@ spec:
- Cron
- OnEvent
type: string
+ resources:
+ description: Resources that will be requested by the DataLoad job.
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
+ type: object
+ type: object
runAfter:
description: Specifies that the preceding operation in a workflow
properties:
diff --git a/crd-catalog/fluxcd/flagger/flagger.app/v1beta1/canaries.yaml b/crd-catalog/fluxcd/flagger/flagger.app/v1beta1/canaries.yaml
index facd21027..8ea58c704 100644
--- a/crd-catalog/fluxcd/flagger/flagger.app/v1beta1/canaries.yaml
+++ b/crd-catalog/fluxcd/flagger/flagger.app/v1beta1/canaries.yaml
@@ -296,6 +296,9 @@ spec:
name:
description: Name of the webhook
type: string
+ retries:
+ description: Number of retries for this webhook
+ type: number
timeout:
description: Request timeout for this webhook
pattern: ^[0-9]+(m|s)
diff --git a/crd-catalog/fluxcd/helm-controller/helm.toolkit.fluxcd.io/v2beta1/helmreleases.yaml b/crd-catalog/fluxcd/helm-controller/helm.toolkit.fluxcd.io/v2beta1/helmreleases.yaml
index 95d2a64e1..3c789525e 100644
--- a/crd-catalog/fluxcd/helm-controller/helm.toolkit.fluxcd.io/v2beta1/helmreleases.yaml
+++ b/crd-catalog/fluxcd/helm-controller/helm.toolkit.fluxcd.io/v2beta1/helmreleases.yaml
@@ -25,6 +25,8 @@ spec:
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
+ deprecated: true
+ deprecationWarning: v2beta1 HelmRelease is deprecated, upgrade to v2beta2
name: v2beta1
schema:
openAPIV3Schema:
diff --git a/crd-catalog/fluxcd/helm-controller/helm.toolkit.fluxcd.io/v2beta2/helmreleases.yaml b/crd-catalog/fluxcd/helm-controller/helm.toolkit.fluxcd.io/v2beta2/helmreleases.yaml
index ddffeccc2..a58252413 100644
--- a/crd-catalog/fluxcd/helm-controller/helm.toolkit.fluxcd.io/v2beta2/helmreleases.yaml
+++ b/crd-catalog/fluxcd/helm-controller/helm.toolkit.fluxcd.io/v2beta2/helmreleases.yaml
@@ -158,6 +158,56 @@ spec:
- name
type: object
type: array
+ driftDetection:
+ description: DriftDetection holds the configuration for detecting and handling differences between the manifest in the Helm storage and the resources currently existing in the cluster.
+ properties:
+ ignore:
+ description: Ignore contains a list of rules for specifying which changes to ignore during diffing.
+ items:
+ description: IgnoreRule defines a rule to selectively disregard specific changes during the drift detection process.
+ properties:
+ paths:
+ description: Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from consideration in a Kubernetes object.
+ items:
+ type: string
+ type: array
+ target:
+ description: Target is a selector for specifying Kubernetes objects to which this rule applies. If Target is not set, the Paths will be ignored for all Kubernetes objects within the manifest of the Helm release.
+ properties:
+ annotationSelector:
+ description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations.
+ type: string
+ group:
+ description: Group is the API group to select resources from. Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ type: string
+ kind:
+ description: Kind of the API Group to select resources from. Together with Group and Version it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ type: string
+ labelSelector:
+ description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels.
+ type: string
+ name:
+ description: Name to match resources with.
+ type: string
+ namespace:
+ description: Namespace to select resources from.
+ type: string
+ version:
+ description: Version of the API Group to select resources from. Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ type: string
+ type: object
+ required:
+ - paths
+ type: object
+ type: array
+ mode:
+ description: Mode defines how differences should be handled between the Helm manifest and the manifest currently applied to the cluster. If not explicitly set, it defaults to DiffModeDisabled.
+ enum:
+ - enabled
+ - warn
+ - disabled
+ type: string
+ type: object
install:
description: Install holds the configuration for Helm install actions for this HelmRelease.
properties:
diff --git a/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta1/alerts.yaml b/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta1/alerts.yaml
index bb8368185..53fef0ac4 100644
--- a/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta1/alerts.yaml
+++ b/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta1/alerts.yaml
@@ -23,6 +23,8 @@ spec:
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
+ deprecated: true
+ deprecationWarning: v1beta1 Alert is deprecated, upgrade to v1beta3
name: v1beta1
schema:
openAPIV3Schema:
diff --git a/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta1/providers.yaml b/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta1/providers.yaml
index c09295dcf..7aea20a4d 100644
--- a/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta1/providers.yaml
+++ b/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta1/providers.yaml
@@ -23,6 +23,8 @@ spec:
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
+ deprecated: true
+ deprecationWarning: v1beta1 Provider is deprecated, upgrade to v1beta3
name: v1beta1
schema:
openAPIV3Schema:
diff --git a/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta2/alerts.yaml b/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta2/alerts.yaml
index 67abb7c7f..45e98f88e 100644
--- a/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta2/alerts.yaml
+++ b/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta2/alerts.yaml
@@ -23,6 +23,8 @@ spec:
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
+ deprecated: true
+ deprecationWarning: v1beta2 Alert is deprecated, upgrade to v1beta3
name: v1beta2
schema:
openAPIV3Schema:
@@ -182,6 +184,6 @@ spec:
type: object
type: object
served: true
- storage: true
+ storage: false
subresources:
status: {}
diff --git a/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta2/providers.yaml b/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta2/providers.yaml
index a4e703f15..4dc1dab5d 100644
--- a/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta2/providers.yaml
+++ b/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta2/providers.yaml
@@ -23,6 +23,8 @@ spec:
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
+ deprecated: true
+ deprecationWarning: v1beta2 Provider is deprecated, upgrade to v1beta3
name: v1beta2
schema:
openAPIV3Schema:
@@ -177,6 +179,6 @@ spec:
type: object
type: object
served: true
- storage: true
+ storage: false
subresources:
status: {}
diff --git a/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta3/alerts.yaml b/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta3/alerts.yaml
new file mode 100644
index 000000000..6d2739a56
--- /dev/null
+++ b/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta3/alerts.yaml
@@ -0,0 +1,123 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.12.0
+ name: alerts.notification.toolkit.fluxcd.io
+spec:
+ group: notification.toolkit.fluxcd.io
+ names:
+ kind: Alert
+ listKind: AlertList
+ plural: alerts
+ singular: alert
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta3
+ schema:
+ openAPIV3Schema:
+ description: Alert is the Schema for the alerts API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: AlertSpec defines an alerting rule for events involving a list of objects.
+ properties:
+ eventMetadata:
+ additionalProperties:
+ type: string
+ description: EventMetadata is an optional field for adding metadata to events dispatched by the controller. This can be used for enhancing the context of the event. If a field would override one already present on the original event as generated by the emitter, then the override doesn't happen, i.e. the original value is preserved, and an info log is printed.
+ type: object
+ eventSeverity:
+ default: info
+ description: EventSeverity specifies how to filter events based on severity. If set to 'info' no events will be filtered.
+ enum:
+ - info
+ - error
+ type: string
+ eventSources:
+ description: EventSources specifies how to filter events based on the involved object kind, name and namespace.
+ items:
+ description: CrossNamespaceObjectReference contains enough information to let you locate the typed referenced object at cluster level
+ properties:
+ apiVersion:
+ description: API version of the referent
+ type: string
+ kind:
+ description: Kind of the referent
+ enum:
+ - Bucket
+ - GitRepository
+ - Kustomization
+ - HelmRelease
+ - HelmChart
+ - HelmRepository
+ - ImageRepository
+ - ImagePolicy
+ - ImageUpdateAutomation
+ - OCIRepository
+ type: string
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. MatchLabels requires the name to be set to `*`.
+ type: object
+ name:
+ description: Name of the referent If multiple resources are targeted `*` may be set.
+ maxLength: 53
+ minLength: 1
+ type: string
+ namespace:
+ description: Namespace of the referent
+ maxLength: 53
+ minLength: 1
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ type: array
+ exclusionList:
+ description: ExclusionList specifies a list of Golang regular expressions to be used for excluding messages.
+ items:
+ type: string
+ type: array
+ inclusionList:
+ description: InclusionList specifies a list of Golang regular expressions to be used for including messages.
+ items:
+ type: string
+ type: array
+ providerRef:
+ description: ProviderRef specifies which Provider this Alert should use.
+ properties:
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - name
+ type: object
+ summary:
+ description: Summary holds a short description of the impact and affected cluster.
+ maxLength: 255
+ type: string
+ suspend:
+ description: Suspend tells the controller to suspend subsequent events handling for this Alert.
+ type: boolean
+ required:
+ - eventSources
+ - providerRef
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources: {}
diff --git a/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta3/providers.yaml b/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta3/providers.yaml
new file mode 100644
index 000000000..8ab65483d
--- /dev/null
+++ b/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta3/providers.yaml
@@ -0,0 +1,114 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.12.0
+ name: providers.notification.toolkit.fluxcd.io
+spec:
+ group: notification.toolkit.fluxcd.io
+ names:
+ kind: Provider
+ listKind: ProviderList
+ plural: providers
+ singular: provider
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta3
+ schema:
+ openAPIV3Schema:
+ description: Provider is the Schema for the providers API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ProviderSpec defines the desired state of the Provider.
+ properties:
+ address:
+ description: Address specifies the endpoint, in a generic sense, to where alerts are sent. What kind of endpoint depends on the specific Provider type being used. For the generic Provider, for example, this is an HTTP/S address. For other Provider types this could be a project ID or a namespace.
+ maxLength: 2048
+ type: string
+ certSecretRef:
+ description: "CertSecretRef specifies the Secret containing a PEM-encoded CA certificate (in the `ca.crt` key). \n Note: Support for the `caFile` key has been deprecated."
+ properties:
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - name
+ type: object
+ channel:
+ description: Channel specifies the destination channel where events should be posted.
+ maxLength: 2048
+ type: string
+ proxy:
+ description: Proxy the HTTP/S address of the proxy server.
+ maxLength: 2048
+ pattern: ^(http|https)://.*$
+ type: string
+ secretRef:
+ description: SecretRef specifies the Secret containing the authentication credentials for this Provider.
+ properties:
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - name
+ type: object
+ suspend:
+ description: Suspend tells the controller to suspend subsequent events handling for this Provider.
+ type: boolean
+ timeout:
+ description: Timeout for sending alerts to the Provider.
+ pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
+ type: string
+ type:
+ description: Type specifies which Provider implementation to use.
+ enum:
+ - slack
+ - discord
+ - msteams
+ - rocket
+ - generic
+ - generic-hmac
+ - github
+ - gitlab
+ - gitea
+ - bitbucketserver
+ - bitbucket
+ - azuredevops
+ - googlechat
+ - googlepubsub
+ - webex
+ - sentry
+ - azureeventhub
+ - telegram
+ - lark
+ - matrix
+ - opsgenie
+ - alertmanager
+ - grafana
+ - githubdispatch
+ - pagerduty
+ - datadog
+ type: string
+ username:
+ description: Username specifies the name under which events are posted.
+ maxLength: 2048
+ type: string
+ required:
+ - type
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources: {}
diff --git a/crd-catalog/grafana/loki/loki.grafana.com/v1/lokistacks.yaml b/crd-catalog/grafana/loki/loki.grafana.com/v1/lokistacks.yaml
index 25ae3d807..ba3b7e629 100644
--- a/crd-catalog/grafana/loki/loki.grafana.com/v1/lokistacks.yaml
+++ b/crd-catalog/grafana/loki/loki.grafana.com/v1/lokistacks.yaml
@@ -214,6 +214,34 @@ spec:
queries:
description: QueryLimits defines the limit applied on querying log streams.
properties:
+ blocked:
+ description: Blocked defines the list of rules to block matching queries.
+ items:
+ description: BlockedQuerySpec defines the rule spec for queries to be blocked.
+ minProperties: 1
+ properties:
+ hash:
+ description: Hash is a 32-bit FNV-1 hash of the query string.
+ format: int32
+ type: integer
+ pattern:
+ description: Pattern defines the pattern matching the queries to be blocked.
+ type: string
+ regex:
+ description: Regex defines if the pattern is a regular expression. If false the pattern will be used only for exact matches.
+ type: boolean
+ types:
+ description: Types defines the list of query types that should be considered for blocking.
+ items:
+ description: BlockedQueryType defines which type of query a blocked query should apply to.
+ enum:
+ - filter
+ - limited
+ - metric
+ type: string
+ type: array
+ type: object
+ type: array
cardinalityLimit:
description: CardinalityLimit defines the cardinality limit for index queries.
format: int32
diff --git a/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/workspaces.yaml b/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/workspaces.yaml
index fef7950f1..a5f72a3e7 100644
--- a/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/workspaces.yaml
+++ b/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/workspaces.yaml
@@ -201,6 +201,18 @@ spec:
description: 'Organization name where the Workspace will be created. More information: - https://developer.hashicorp.com/terraform/cloud-docs/users-teams-organizations/organizations'
minLength: 1
type: string
+ project:
+ description: 'Projects let you organize your workspaces into groups. Default: default organization project. More information: - https://developer.hashicorp.com/terraform/tutorials/cloud/projects'
+ properties:
+ id:
+ description: 'Project ID. Must match pattern: ^prj-[a-zA-Z0-9]+$'
+ pattern: ^prj-[a-zA-Z0-9]+$
+ type: string
+ name:
+ description: Project name.
+ minLength: 1
+ type: string
+ type: object
remoteStateSharing:
description: 'Remote state access between workspaces. By default, new workspaces in Terraform Cloud do not allow other workspaces to access their state. More information: - https://developer.hashicorp.com/terraform/cloud-docs/workspaces/state#accessing-state-from-other-workspaces'
properties:
diff --git a/crd-catalog/istio/istio/extensions.istio.io/v1alpha1/wasmplugins.yaml b/crd-catalog/istio/istio/extensions.istio.io/v1alpha1/wasmplugins.yaml
index 57b55613d..9f5e2d436 100644
--- a/crd-catalog/istio/istio/extensions.istio.io/v1alpha1/wasmplugins.yaml
+++ b/crd-catalog/istio/istio/extensions.istio.io/v1alpha1/wasmplugins.yaml
@@ -115,14 +115,19 @@ spec:
pattern: (^$|^[a-f0-9]{64}$)
type: string
targetRef:
+ description: Optional.
properties:
group:
+ description: group is the group of the target resource.
type: string
kind:
+ description: kind is kind of the target resource.
type: string
name:
+ description: name is the name of the target resource.
type: string
namespace:
+ description: namespace is the namespace of the referent.
type: string
type: object
type:
diff --git a/crd-catalog/istio/istio/networking.istio.io/v1alpha3/destinationrules.yaml b/crd-catalog/istio/istio/networking.istio.io/v1alpha3/destinationrules.yaml
index fa02b143e..219d62747 100644
--- a/crd-catalog/istio/istio/networking.istio.io/v1alpha3/destinationrules.yaml
+++ b/crd-catalog/istio/istio/networking.istio.io/v1alpha3/destinationrules.yaml
@@ -592,6 +592,16 @@ spec:
type: object
type: object
type: array
+ proxyProtocol:
+ description: The upstream PROXY protocol settings.
+ properties:
+ version:
+ description: The PROXY protocol version to use.
+ enum:
+ - V1
+ - V2
+ type: string
+ type: object
tls:
description: TLS related settings for connections to the upstream service.
properties:
@@ -1182,6 +1192,16 @@ spec:
type: object
type: object
type: array
+ proxyProtocol:
+ description: The upstream PROXY protocol settings.
+ properties:
+ version:
+ description: The PROXY protocol version to use.
+ enum:
+ - V1
+ - V2
+ type: string
+ type: object
tls:
description: TLS related settings for connections to the upstream service.
properties:
diff --git a/crd-catalog/istio/istio/networking.istio.io/v1beta1/destinationrules.yaml b/crd-catalog/istio/istio/networking.istio.io/v1beta1/destinationrules.yaml
index c18fc09d8..7640da55b 100644
--- a/crd-catalog/istio/istio/networking.istio.io/v1beta1/destinationrules.yaml
+++ b/crd-catalog/istio/istio/networking.istio.io/v1beta1/destinationrules.yaml
@@ -592,6 +592,16 @@ spec:
type: object
type: object
type: array
+ proxyProtocol:
+ description: The upstream PROXY protocol settings.
+ properties:
+ version:
+ description: The PROXY protocol version to use.
+ enum:
+ - V1
+ - V2
+ type: string
+ type: object
tls:
description: TLS related settings for connections to the upstream service.
properties:
@@ -1182,6 +1192,16 @@ spec:
type: object
type: object
type: array
+ proxyProtocol:
+ description: The upstream PROXY protocol settings.
+ properties:
+ version:
+ description: The PROXY protocol version to use.
+ enum:
+ - V1
+ - V2
+ type: string
+ type: object
tls:
description: TLS related settings for connections to the upstream service.
properties:
diff --git a/crd-catalog/istio/istio/security.istio.io/v1/authorizationpolicies.yaml b/crd-catalog/istio/istio/security.istio.io/v1/authorizationpolicies.yaml
index 991016612..e4f7340dc 100644
--- a/crd-catalog/istio/istio/security.istio.io/v1/authorizationpolicies.yaml
+++ b/crd-catalog/istio/istio/security.istio.io/v1/authorizationpolicies.yaml
@@ -200,12 +200,16 @@ spec:
targetRef:
properties:
group:
+ description: group is the group of the target resource.
type: string
kind:
+ description: kind is kind of the target resource.
type: string
name:
+ description: name is the name of the target resource.
type: string
namespace:
+ description: namespace is the namespace of the referent.
type: string
type: object
type: object
diff --git a/crd-catalog/istio/istio/security.istio.io/v1/requestauthentications.yaml b/crd-catalog/istio/istio/security.istio.io/v1/requestauthentications.yaml
index d2237ae24..49a4785a6 100644
--- a/crd-catalog/istio/istio/security.istio.io/v1/requestauthentications.yaml
+++ b/crd-catalog/istio/istio/security.istio.io/v1/requestauthentications.yaml
@@ -43,6 +43,11 @@ spec:
forwardOriginalToken:
description: If set to true, the original token will be kept for the upstream request.
type: boolean
+ fromCookies:
+ description: List of cookie names from which JWT is expected.
+ items:
+ type: string
+ type: array
fromHeaders:
description: List of header locations from which JWT is expected.
items:
@@ -105,12 +110,16 @@ spec:
targetRef:
properties:
group:
+ description: group is the group of the target resource.
type: string
kind:
+ description: kind is kind of the target resource.
type: string
name:
+ description: name is the name of the target resource.
type: string
namespace:
+ description: namespace is the namespace of the referent.
type: string
type: object
type: object
diff --git a/crd-catalog/istio/istio/security.istio.io/v1beta1/authorizationpolicies.yaml b/crd-catalog/istio/istio/security.istio.io/v1beta1/authorizationpolicies.yaml
index b493133f5..d6a51f957 100644
--- a/crd-catalog/istio/istio/security.istio.io/v1beta1/authorizationpolicies.yaml
+++ b/crd-catalog/istio/istio/security.istio.io/v1beta1/authorizationpolicies.yaml
@@ -200,12 +200,16 @@ spec:
targetRef:
properties:
group:
+ description: group is the group of the target resource.
type: string
kind:
+ description: kind is kind of the target resource.
type: string
name:
+ description: name is the name of the target resource.
type: string
namespace:
+ description: namespace is the namespace of the referent.
type: string
type: object
type: object
diff --git a/crd-catalog/istio/istio/security.istio.io/v1beta1/requestauthentications.yaml b/crd-catalog/istio/istio/security.istio.io/v1beta1/requestauthentications.yaml
index cb83b7627..bee207c95 100644
--- a/crd-catalog/istio/istio/security.istio.io/v1beta1/requestauthentications.yaml
+++ b/crd-catalog/istio/istio/security.istio.io/v1beta1/requestauthentications.yaml
@@ -43,6 +43,11 @@ spec:
forwardOriginalToken:
description: If set to true, the original token will be kept for the upstream request.
type: boolean
+ fromCookies:
+ description: List of cookie names from which JWT is expected.
+ items:
+ type: string
+ type: array
fromHeaders:
description: List of header locations from which JWT is expected.
items:
@@ -105,12 +110,16 @@ spec:
targetRef:
properties:
group:
+ description: group is the group of the target resource.
type: string
kind:
+ description: kind is kind of the target resource.
type: string
name:
+ description: name is the name of the target resource.
type: string
namespace:
+ description: namespace is the namespace of the referent.
type: string
type: object
type: object
diff --git a/crd-catalog/istio/istio/telemetry.istio.io/v1alpha1/telemetries.yaml b/crd-catalog/istio/istio/telemetry.istio.io/v1alpha1/telemetries.yaml
index bfbd31c49..e09bc0ce0 100644
--- a/crd-catalog/istio/istio/telemetry.istio.io/v1alpha1/telemetries.yaml
+++ b/crd-catalog/istio/istio/telemetry.istio.io/v1alpha1/telemetries.yaml
@@ -178,14 +178,19 @@ spec:
type: object
type: object
targetRef:
+ description: Optional.
properties:
group:
+ description: group is the group of the target resource.
type: string
kind:
+ description: kind is kind of the target resource.
type: string
name:
+ description: name is the name of the target resource.
type: string
namespace:
+ description: namespace is the namespace of the referent.
type: string
type: object
tracing:
diff --git a/crd-catalog/koordinator-sh/koordinator/slo.koordinator.sh/v1alpha1/nodemetrics.yaml b/crd-catalog/koordinator-sh/koordinator/slo.koordinator.sh/v1alpha1/nodemetrics.yaml
index faed0d538..42fcc46db 100644
--- a/crd-catalog/koordinator-sh/koordinator/slo.koordinator.sh/v1alpha1/nodemetrics.yaml
+++ b/crd-catalog/koordinator-sh/koordinator/slo.koordinator.sh/v1alpha1/nodemetrics.yaml
@@ -708,6 +708,12 @@ spec:
description: ResourceList is a set of (resource name, quantity) pairs.
type: object
type: object
+ priority:
+ description: Priority class of the application
+ type: string
+ qos:
+ description: QoS class of the application
+ type: string
type: object
type: array
prodReclaimableMetric:
diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/loggings.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/loggings.yaml
index 7dc04439b..f6f02bd8d 100644
--- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/loggings.yaml
+++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/loggings.yaml
@@ -5366,6 +5366,620 @@ spec:
type: object
type: array
type: object
+ sidecarContainers:
+ items:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resizePolicy:
+ items:
+ properties:
+ resourceName:
+ type: string
+ restartPolicy:
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ resources:
+ properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ restartPolicy:
+ type: string
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
statefulsetAnnotations:
additionalProperties:
type: string
diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinesets.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinesets.yaml
index 2cda47e0a..ab721c6ce 100644
--- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinesets.yaml
+++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinesets.yaml
@@ -79,8 +79,7 @@ spec:
format: int32
type: integer
replicas:
- default: 1
- description: Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1.
+ description: "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. \n Defaults to: * if the Kubernetes autoscaler min size and max size annotations are set: - if it's a new MachineSet, use min size - if the replicas field of the old MachineSet is < min size, use min size - if the replicas field of the old MachineSet is > max size, use max size - if the replicas field of the old MachineSet is in the (min size, max size) range, keep the value from the oldMS * otherwise use 1 Note: Defaulting will be run whenever the replicas field is not set: * A new MachineSet is created with replicas not set. * On an existing MachineSet the replicas field was first set and is now unset. Those cases are especially relevant for the following Kubernetes autoscaler use cases: * A new MachineSet is created and replicas should be managed by the autoscaler * An existing MachineSet which initially wasn't controlled by the autoscaler should be later controlled by the autoscaler"
format: int32
type: integer
selector:
diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml
index 5acb15178..919ed15b1 100644
--- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml
+++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml
@@ -44,6 +44,10 @@ spec:
spec:
description: WorkloadSpec defines the desired state of Workload
properties:
+ active:
+ default: true
+ description: "Active determines if a workload can be admitted into a queue. Changing active from true to false will evict any running workloads. Possible values are: \n - false: indicates that a workload should never be admitted and evicts running workloads - true: indicates that a workload can be evaluated for admission into it's respective queue. \n Defaults to true"
+ type: boolean
podSets:
description: podSets is a list of sets of homogeneous pods, each described by a Pod spec and a count. There must be at least one element and at most 8. podSets cannot be changed.
items:
diff --git a/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v1/testexecutions.yaml b/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v1/testexecutions.yaml
index 876d21f22..c74bf3804 100644
--- a/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v1/testexecutions.yaml
+++ b/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v1/testexecutions.yaml
@@ -213,6 +213,40 @@ spec:
type: string
description: 'Execution variables passed to executor from secrets. Deprecated: use Secret Variables instead'
type: object
+ slavePodRequest:
+ description: pod request body
+ properties:
+ podTemplate:
+ description: pod template extensions
+ type: string
+ podTemplateReference:
+ description: name of the template resource
+ type: string
+ resources:
+ description: pod resources request specification
+ properties:
+ limits:
+ description: resource request specification
+ properties:
+ cpu:
+ description: requested cpu units
+ type: string
+ memory:
+ description: requested memory units
+ type: string
+ type: object
+ requests:
+ description: resource request specification
+ properties:
+ cpu:
+ description: requested cpu units
+ type: string
+ memory:
+ description: requested memory units
+ type: string
+ type: object
+ type: object
+ type: object
sync:
description: whether to start execution sync or async
type: boolean
@@ -576,6 +610,40 @@ spec:
required:
- type
type: object
+ slavePodRequest:
+ description: pod request body
+ properties:
+ podTemplate:
+ description: pod template extensions
+ type: string
+ podTemplateReference:
+ description: name of the template resource
+ type: string
+ resources:
+ description: pod resources request specification
+ properties:
+ limits:
+ description: resource request specification
+ properties:
+ cpu:
+ description: requested cpu units
+ type: string
+ memory:
+ description: requested memory units
+ type: string
+ type: object
+ requests:
+ description: resource request specification
+ properties:
+ cpu:
+ description: requested cpu units
+ type: string
+ memory:
+ description: requested memory units
+ type: string
+ type: object
+ type: object
+ type: object
startTime:
description: test start time
format: date-time
diff --git a/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v1/testsuiteexecutions.yaml b/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v1/testsuiteexecutions.yaml
index 15c062768..9600db872 100644
--- a/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v1/testsuiteexecutions.yaml
+++ b/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v1/testsuiteexecutions.yaml
@@ -494,6 +494,40 @@ spec:
required:
- type
type: object
+ slavePodRequest:
+ description: pod request body
+ properties:
+ podTemplate:
+ description: pod template extensions
+ type: string
+ podTemplateReference:
+ description: name of the template resource
+ type: string
+ resources:
+ description: pod resources request specification
+ properties:
+ limits:
+ description: resource request specification
+ properties:
+ cpu:
+ description: requested cpu units
+ type: string
+ memory:
+ description: requested memory units
+ type: string
+ type: object
+ requests:
+ description: resource request specification
+ properties:
+ cpu:
+ description: requested cpu units
+ type: string
+ memory:
+ description: requested memory units
+ type: string
+ type: object
+ type: object
+ type: object
startTime:
description: test start time
format: date-time
@@ -950,6 +984,40 @@ spec:
required:
- type
type: object
+ slavePodRequest:
+ description: pod request body
+ properties:
+ podTemplate:
+ description: pod template extensions
+ type: string
+ podTemplateReference:
+ description: name of the template resource
+ type: string
+ resources:
+ description: pod resources request specification
+ properties:
+ limits:
+ description: resource request specification
+ properties:
+ cpu:
+ description: requested cpu units
+ type: string
+ memory:
+ description: requested memory units
+ type: string
+ type: object
+ requests:
+ description: resource request specification
+ properties:
+ cpu:
+ description: requested cpu units
+ type: string
+ memory:
+ description: requested memory units
+ type: string
+ type: object
+ type: object
+ type: object
startTime:
description: test start time
format: date-time
diff --git a/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v3/tests.yaml b/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v3/tests.yaml
index 81fe3562c..46a58b4bc 100644
--- a/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v3/tests.yaml
+++ b/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v3/tests.yaml
@@ -291,6 +291,40 @@ spec:
type: string
description: 'Execution variables passed to executor from secrets. Deprecated: use Secret Variables instead'
type: object
+ slavePodRequest:
+ description: pod request body
+ properties:
+ podTemplate:
+ description: pod template extensions
+ type: string
+ podTemplateReference:
+ description: name of the template resource
+ type: string
+ resources:
+ description: pod resources request specification
+ properties:
+ limits:
+ description: resource request specification
+ properties:
+ cpu:
+ description: requested cpu units
+ type: string
+ memory:
+ description: requested memory units
+ type: string
+ type: object
+ requests:
+ description: resource request specification
+ properties:
+ cpu:
+ description: requested cpu units
+ type: string
+ memory:
+ description: requested memory units
+ type: string
+ type: object
+ type: object
+ type: object
sync:
description: whether to start execution sync or async
type: boolean
diff --git a/crd-catalog/kubewharf/kubeadmiral/core.kubeadmiral.io/v1alpha1/clusterpropagationpolicies.yaml b/crd-catalog/kubewharf/kubeadmiral/core.kubeadmiral.io/v1alpha1/clusterpropagationpolicies.yaml
index 602e6557b..f8b74902d 100644
--- a/crd-catalog/kubewharf/kubeadmiral/core.kubeadmiral.io/v1alpha1/clusterpropagationpolicies.yaml
+++ b/crd-catalog/kubewharf/kubeadmiral/core.kubeadmiral.io/v1alpha1/clusterpropagationpolicies.yaml
@@ -147,8 +147,13 @@ spec:
format: int64
minimum: 0.0
type: integer
+ priority:
+ description: A number expressing the priority of the cluster. The higher the value, the higher the priority. When selecting clusters for propagation, clusters with higher priority are preferred. When the Binpack ReplicasStrategy is selected, replicas will be scheduled to clusters with higher priority first.
+ format: int64
+ minimum: 0.0
+ type: integer
weight:
- description: A number expressing the preference to put an additional replica to this cluster workload object.
+ description: A number expressing the preference to put an additional replica to this cluster workload object. It will not take effect when ReplicasStrategy is Binpack.
format: int64
minimum: 0.0
type: integer
@@ -157,6 +162,13 @@ spec:
- cluster
type: object
type: array
+ replicasStrategy:
+ default: Spread
+ description: ReplicasStrategy is the strategy used for scheduling replicas.
+ enum:
+ - Binpack
+ - Spread
+ type: string
reschedulePolicy:
default:
rescheduleWhen:
diff --git a/crd-catalog/kubewharf/kubeadmiral/core.kubeadmiral.io/v1alpha1/federatedtypeconfigs.yaml b/crd-catalog/kubewharf/kubeadmiral/core.kubeadmiral.io/v1alpha1/federatedtypeconfigs.yaml
index 2c1fbb00c..ab0ba6737 100644
--- a/crd-catalog/kubewharf/kubeadmiral/core.kubeadmiral.io/v1alpha1/federatedtypeconfigs.yaml
+++ b/crd-catalog/kubewharf/kubeadmiral/core.kubeadmiral.io/v1alpha1/federatedtypeconfigs.yaml
@@ -91,9 +91,12 @@ spec:
- version
type: object
statusAggregation:
- description: Configuration for StatusAggregation. If left empty, the StatusAggregation feature will be disabled.
+ default:
+ enabled: true
+ description: Configuration for StatusAggregation.
properties:
enabled:
+ default: true
description: Whether or not to enable status aggregation.
type: boolean
required:
diff --git a/crd-catalog/kubewharf/kubeadmiral/core.kubeadmiral.io/v1alpha1/propagationpolicies.yaml b/crd-catalog/kubewharf/kubeadmiral/core.kubeadmiral.io/v1alpha1/propagationpolicies.yaml
index 90832dbba..3a40bb6a6 100644
--- a/crd-catalog/kubewharf/kubeadmiral/core.kubeadmiral.io/v1alpha1/propagationpolicies.yaml
+++ b/crd-catalog/kubewharf/kubeadmiral/core.kubeadmiral.io/v1alpha1/propagationpolicies.yaml
@@ -147,8 +147,13 @@ spec:
format: int64
minimum: 0.0
type: integer
+ priority:
+ description: A number expressing the priority of the cluster. The higher the value, the higher the priority. When selecting clusters for propagation, clusters with higher priority are preferred. When the Binpack ReplicasStrategy is selected, replicas will be scheduled to clusters with higher priority first.
+ format: int64
+ minimum: 0.0
+ type: integer
weight:
- description: A number expressing the preference to put an additional replica to this cluster workload object.
+ description: A number expressing the preference to put an additional replica to this cluster workload object. It will not take effect when ReplicasStrategy is Binpack.
format: int64
minimum: 0.0
type: integer
@@ -157,6 +162,13 @@ spec:
- cluster
type: object
type: array
+ replicasStrategy:
+ default: Spread
+ description: ReplicasStrategy is the strategy used for scheduling replicas.
+ enum:
+ - Binpack
+ - Spread
+ type: string
reschedulePolicy:
default:
rescheduleWhen:
diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/nodes.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/nodes.yaml
index 2756a5e23..09a3ddc30 100644
--- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/nodes.yaml
+++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/nodes.yaml
@@ -104,6 +104,8 @@ spec:
status:
description: NodeStatus defines the observed state of the Longhorn node
properties:
+ autoEvicting:
+ type: boolean
conditions:
items:
properties:
diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/replicas.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/replicas.yaml
index d8018e9a2..0014826cf 100644
--- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/replicas.yaml
+++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/replicas.yaml
@@ -82,6 +82,8 @@ spec:
type: string
engineName:
type: string
+ evictionRequested:
+ type: boolean
failedAt:
type: string
hardNodeAffinity:
@@ -140,6 +142,7 @@ spec:
currentState:
type: string
evictionRequested:
+ description: 'Deprecated: Replaced by field `spec.evictionRequested`.'
type: boolean
instanceManagerName:
type: string
diff --git a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml
index f95e8305f..bb8bc2a5e 100644
--- a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml
+++ b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml
@@ -76,7 +76,7 @@ spec:
type: string
type: array
features:
- description: 'List of additional features to enable. They are all disabled by default. Enabling additional features might have performance impacts. Possible values are:
- `PacketDrop`: enable the packets drop flows logging feature. This feature requires mounting the kernel debug filesystem, so the eBPF pod has to run as privileged. If the `spec.agent.eBPF.privileged` parameter is not set, an error is reported.
- `DNSTracking`: enable the DNS tracking feature. This feature requires mounting the kernel debug filesystem hence the eBPF pod has to run as privileged. If the `spec.agent.eBPF.privileged` parameter is not set, an error is reported.
- `FlowRTT` [unsupported (*)]: enable flow latency (RTT) calculations in the eBPF agent during TCP handshakes. This feature better works with `sampling` set to 1.
'
+ description: 'List of additional features to enable. They are all disabled by default. Enabling additional features might have performance impacts. Possible values are:
- `PacketDrop`: enable the packets drop flows logging feature. This feature requires mounting the kernel debug filesystem, so the eBPF pod has to run as privileged. If the `spec.agent.eBPF.privileged` parameter is not set, an error is reported.
- `DNSTracking`: enable the DNS tracking feature.
- `FlowRTT` [unsupported (*)]: enable flow latency (RTT) calculations in the eBPF agent during TCP handshakes. This feature better works with `sampling` set to 1.
'
items:
description: Agent feature, can be one of:
- `PacketDrop`, to track packet drops.
- `DNSTracking`, to track specific information on DNS traffic.
- `FlowRTT`, to track TCP latency. [Unsupported (*)].
enum:
@@ -1646,8 +1646,37 @@ spec:
type: string
type: array
includeList:
- description: '`includeList` is a list of metric names to specify which ones to generate. The names correspond to the names in Prometheus without the prefix. For example, `namespace_egress_packets_total` will show up as `netobserv_namespace_egress_packets_total` in Prometheus. Note that the more metrics you add, the bigger is the impact on Prometheus workload resources. Metrics enabled by default are: `namespace_flows_total`, `node_ingress_bytes_total`, `workload_ingress_bytes_total`, `namespace_drop_packets_total` (when `PacketDrop` feature is enabled), `namespace_rtt_seconds` (when `FlowRTT` feature is enabled). More information, with full list of available metrics: https://github.com/netobserv/network-observability-operator/blob/main/docs/Metrics.md'
+ description: '`includeList` is a list of metric names to specify which ones to generate. The names correspond to the names in Prometheus without the prefix. For example, `namespace_egress_packets_total` will show up as `netobserv_namespace_egress_packets_total` in Prometheus. Note that the more metrics you add, the bigger is the impact on Prometheus workload resources. Metrics enabled by default are: `namespace_flows_total`, `node_ingress_bytes_total`, `workload_ingress_bytes_total`, `namespace_drop_packets_total` (when `PacketDrop` feature is enabled), `namespace_rtt_seconds` (when `FlowRTT` feature is enabled), `namespace_dns_latency_seconds` (when `DNSTracking` feature is enabled). More information, with full list of available metrics: https://github.com/netobserv/network-observability-operator/blob/main/docs/Metrics.md'
items:
+ description: Metric name. More information in https://github.com/netobserv/network-observability-operator/blob/main/docs/Metrics.md.
+ enum:
+ - namespace_egress_bytes_total
+ - namespace_egress_packets_total
+ - namespace_ingress_bytes_total
+ - namespace_ingress_packets_total
+ - namespace_flows_total
+ - node_egress_bytes_total
+ - node_egress_packets_total
+ - node_ingress_bytes_total
+ - node_ingress_packets_total
+ - node_flows_total
+ - workload_egress_bytes_total
+ - workload_egress_packets_total
+ - workload_ingress_bytes_total
+ - workload_ingress_packets_total
+ - workload_flows_total
+ - namespace_drop_bytes_total
+ - namespace_drop_packets_total
+ - node_drop_bytes_total
+ - node_drop_packets_total
+ - workload_drop_bytes_total
+ - workload_drop_packets_total
+ - namespace_rtt_seconds
+ - node_rtt_seconds
+ - workload_rtt_seconds
+ - namespace_dns_latency_seconds
+ - node_dns_latency_seconds
+ - workload_dns_latency_seconds
type: string
type: array
server:
@@ -1721,6 +1750,10 @@ spec:
type: object
type: object
type: object
+ multiClusterDeployment:
+ default: false
+ description: Set `multiClusterDeployment` to `true` to enable multi clusters feature. This will add clusterName label to flows data
+ type: boolean
port:
default: 2055
description: Port of the flow collector (host port). By convention, some values are forbidden. It must be greater than 1024 and different from 4500, 4789 and 6081.
diff --git a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml
index ab4ee082a..d912a628c 100644
--- a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml
+++ b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml
@@ -76,7 +76,7 @@ spec:
type: string
type: array
features:
- description: 'List of additional features to enable. They are all disabled by default. Enabling additional features might have performance impacts. Possible values are:
- `PacketDrop`: enable the packets drop flows logging feature. This feature requires mounting the kernel debug filesystem, so the eBPF pod has to run as privileged. If the `spec.agent.eBPF.privileged` parameter is not set, an error is reported.
- `DNSTracking`: enable the DNS tracking feature. This feature requires mounting the kernel debug filesystem hence the eBPF pod has to run as privileged. If the `spec.agent.eBPF.privileged` parameter is not set, an error is reported.
- `FlowRTT` [unsupported (*)]: enable flow latency (RTT) calculations in the eBPF agent during TCP handshakes. This feature better works with `sampling` set to 1.
'
+ description: 'List of additional features to enable. They are all disabled by default. Enabling additional features might have performance impacts. Possible values are:
- `PacketDrop`: enable the packets drop flows logging feature. This feature requires mounting the kernel debug filesystem, so the eBPF pod has to run as privileged. If the `spec.agent.eBPF.privileged` parameter is not set, an error is reported.
- `DNSTracking`: enable the DNS tracking feature.
- `FlowRTT` [unsupported (*)]: enable flow latency (RTT) calculations in the eBPF agent during TCP handshakes. This feature better works with `sampling` set to 1.
'
items:
description: Agent feature, can be one of:
- `PacketDrop`, to track packet drops.
- `DNSTracking`, to track specific information on DNS traffic.
- `FlowRTT`, to track TCP latency. [Unsupported (*)].
enum:
@@ -1803,8 +1803,37 @@ spec:
type: string
type: array
includeList:
- description: '`includeList` is a list of metric names to specify which ones to generate. The names correspond to the names in Prometheus without the prefix. For example, `namespace_egress_packets_total` will show up as `netobserv_namespace_egress_packets_total` in Prometheus. Note that the more metrics you add, the bigger is the impact on Prometheus workload resources. Metrics enabled by default are: `namespace_flows_total`, `node_ingress_bytes_total`, `workload_ingress_bytes_total`, `namespace_drop_packets_total` (when `PacketDrop` feature is enabled), `namespace_rtt_seconds` (when `FlowRTT` feature is enabled). More information, with full list of available metrics: https://github.com/netobserv/network-observability-operator/blob/main/docs/Metrics.md'
+ description: '`includeList` is a list of metric names to specify which ones to generate. The names correspond to the names in Prometheus without the prefix. For example, `namespace_egress_packets_total` will show up as `netobserv_namespace_egress_packets_total` in Prometheus. Note that the more metrics you add, the bigger is the impact on Prometheus workload resources. Metrics enabled by default are: `namespace_flows_total`, `node_ingress_bytes_total`, `workload_ingress_bytes_total`, `namespace_drop_packets_total` (when `PacketDrop` feature is enabled), `namespace_rtt_seconds` (when `FlowRTT` feature is enabled), `namespace_dns_latency_seconds` (when `DNSTracking` feature is enabled). More information, with full list of available metrics: https://github.com/netobserv/network-observability-operator/blob/main/docs/Metrics.md'
items:
+ description: Metric name. More information in https://github.com/netobserv/network-observability-operator/blob/main/docs/Metrics.md.
+ enum:
+ - namespace_egress_bytes_total
+ - namespace_egress_packets_total
+ - namespace_ingress_bytes_total
+ - namespace_ingress_packets_total
+ - namespace_flows_total
+ - node_egress_bytes_total
+ - node_egress_packets_total
+ - node_ingress_bytes_total
+ - node_ingress_packets_total
+ - node_flows_total
+ - workload_egress_bytes_total
+ - workload_egress_packets_total
+ - workload_ingress_bytes_total
+ - workload_ingress_packets_total
+ - workload_flows_total
+ - namespace_drop_bytes_total
+ - namespace_drop_packets_total
+ - node_drop_bytes_total
+ - node_drop_packets_total
+ - workload_drop_bytes_total
+ - workload_drop_packets_total
+ - namespace_rtt_seconds
+ - node_rtt_seconds
+ - workload_rtt_seconds
+ - namespace_dns_latency_seconds
+ - node_dns_latency_seconds
+ - workload_dns_latency_seconds
type: string
type: array
server:
@@ -1878,6 +1907,10 @@ spec:
type: object
type: object
type: object
+ multiClusterDeployment:
+ default: false
+ description: Set `multiClusterDeployment` to `true` to enable multi clusters feature. This will add clusterName label to flows data
+ type: boolean
port:
default: 2055
description: Port of the flow collector (host port). By convention, some values are forbidden. It must be greater than 1024 and different from 4500, 4789 and 6081.
diff --git a/crd-catalog/openshift/api/config.openshift.io/v1/apiservers.yaml b/crd-catalog/openshift/api/config.openshift.io/v1/apiservers.yaml
index 74cc6df2e..8a5a8758e 100644
--- a/crd-catalog/openshift/api/config.openshift.io/v1/apiservers.yaml
+++ b/crd-catalog/openshift/api/config.openshift.io/v1/apiservers.yaml
@@ -125,10 +125,10 @@ spec:
type: array
type: object
tlsSecurityProfile:
- description: "tlsSecurityProfile specifies settings for TLS connections for externally exposed servers. \n If unset, a default (which may change between releases) is chosen. Note that only Old, Intermediate and Custom profiles are currently supported, and the maximum available MinTLSVersions is VersionTLS12."
+ description: "tlsSecurityProfile specifies settings for TLS connections for externally exposed servers. \n If unset, a default (which may change between releases) is chosen. Note that only Old, Intermediate and Custom profiles are currently supported, and the maximum available minTLSVersion is VersionTLS12."
properties:
custom:
- description: "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this: \n ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1"
+ description: "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this: \n ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: VersionTLS11"
nullable: true
properties:
ciphers:
@@ -137,7 +137,7 @@ spec:
type: string
type: array
minTLSVersion:
- description: "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): \n minTLSVersion: TLSv1.1 \n NOTE: currently the highest minTLSVersion allowed is VersionTLS12"
+ description: "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): \n minTLSVersion: VersionTLS11 \n NOTE: currently the highest minTLSVersion allowed is VersionTLS12"
enum:
- VersionTLS10
- VersionTLS11
@@ -146,15 +146,15 @@ spec:
type: string
type: object
intermediate:
- description: "intermediate is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2"
+ description: "intermediate is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: VersionTLS12"
nullable: true
type: object
modern:
- description: "modern is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3 \n NOTE: Currently unsupported."
+ description: "modern is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: VersionTLS13 \n NOTE: Currently unsupported."
nullable: true
type: object
old:
- description: "old is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0"
+ description: "old is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: VersionTLS10"
nullable: true
type: object
type:
diff --git a/crd-catalog/openshift/api/console.openshift.io/v1/consoleplugins.yaml b/crd-catalog/openshift/api/console.openshift.io/v1/consoleplugins.yaml
index 86f778c49..9a0792775 100644
--- a/crd-catalog/openshift/api/console.openshift.io/v1/consoleplugins.yaml
+++ b/crd-catalog/openshift/api/console.openshift.io/v1/consoleplugins.yaml
@@ -179,4 +179,4 @@ spec:
- spec
type: object
served: true
- storage: false
+ storage: true
diff --git a/crd-catalog/openshift/api/console.openshift.io/v1alpha1/consoleplugins.yaml b/crd-catalog/openshift/api/console.openshift.io/v1alpha1/consoleplugins.yaml
index 89761cfda..5a57a54bf 100644
--- a/crd-catalog/openshift/api/console.openshift.io/v1alpha1/consoleplugins.yaml
+++ b/crd-catalog/openshift/api/console.openshift.io/v1alpha1/consoleplugins.yaml
@@ -143,4 +143,4 @@ spec:
- spec
type: object
served: true
- storage: true
+ storage: false
diff --git a/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/kubeletconfigs.yaml b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/kubeletconfigs.yaml
index 86a008465..3e7358384 100644
--- a/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/kubeletconfigs.yaml
+++ b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1/kubeletconfigs.yaml
@@ -75,10 +75,10 @@ spec:
type: object
x-kubernetes-map-type: atomic
tlsSecurityProfile:
- description: If unset, the default is based on the apiservers.config.openshift.io/cluster resource. Note that only Old and Intermediate profiles are currently supported, and the maximum available MinTLSVersions is VersionTLS12.
+ description: If unset, the default is based on the apiservers.config.openshift.io/cluster resource. Note that only Old and Intermediate profiles are currently supported, and the maximum available minTLSVersion is VersionTLS12.
properties:
custom:
- description: "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this: \n ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1"
+ description: "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this: \n ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: VersionTLS11"
nullable: true
properties:
ciphers:
@@ -87,7 +87,7 @@ spec:
type: string
type: array
minTLSVersion:
- description: "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): \n minTLSVersion: TLSv1.1 \n NOTE: currently the highest minTLSVersion allowed is VersionTLS12"
+ description: "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): \n minTLSVersion: VersionTLS11 \n NOTE: currently the highest minTLSVersion allowed is VersionTLS12"
enum:
- VersionTLS10
- VersionTLS11
@@ -96,15 +96,15 @@ spec:
type: string
type: object
intermediate:
- description: "intermediate is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2"
+ description: "intermediate is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: VersionTLS12"
nullable: true
type: object
modern:
- description: "modern is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3 \n NOTE: Currently unsupported."
+ description: "modern is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: VersionTLS13 \n NOTE: Currently unsupported."
nullable: true
type: object
old:
- description: "old is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0"
+ description: "old is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: VersionTLS10"
nullable: true
type: object
type:
diff --git a/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1alpha1/machineconfignodes.yaml b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1alpha1/machineconfignodes.yaml
index a4344dbf9..5bae66197 100644
--- a/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1alpha1/machineconfignodes.yaml
+++ b/crd-catalog/openshift/api/machineconfiguration.openshift.io/v1alpha1/machineconfignodes.yaml
@@ -45,11 +45,11 @@ spec:
name: UpdatedFilesAndOS
priority: 1
type: string
- - jsonPath: .status.conditions[?(@.type=="CordonedNode")].status
+ - jsonPath: .status.conditions[?(@.type=="Cordoned")].status
name: CordonedNode
priority: 1
type: string
- - jsonPath: .status.conditions[?(@.type=="DrainedNode")].status
+ - jsonPath: .status.conditions[?(@.type=="Drained")].status
name: DrainedNode
priority: 1
type: string
diff --git a/crd-catalog/openshift/api/operator.openshift.io/v1/ingresscontrollers.yaml b/crd-catalog/openshift/api/operator.openshift.io/v1/ingresscontrollers.yaml
index c0370d9b6..e57355ef2 100644
--- a/crd-catalog/openshift/api/operator.openshift.io/v1/ingresscontrollers.yaml
+++ b/crd-catalog/openshift/api/operator.openshift.io/v1/ingresscontrollers.yaml
@@ -742,7 +742,7 @@ spec:
description: "tlsSecurityProfile specifies settings for TLS connections for ingresscontrollers. \n If unset, the default is based on the apiservers.config.openshift.io/cluster resource. \n Note that when using the Old, Intermediate, and Modern profile types, the effective profile configuration is subject to change between releases. For example, given a specification to use the Intermediate profile deployed on release X.Y.Z, an upgrade to release X.Y.Z+1 may cause a new profile configuration to be applied to the ingress controller, resulting in a rollout."
properties:
custom:
- description: "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this: \n ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1"
+ description: "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this: \n ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: VersionTLS11"
nullable: true
properties:
ciphers:
@@ -751,7 +751,7 @@ spec:
type: string
type: array
minTLSVersion:
- description: "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): \n minTLSVersion: TLSv1.1 \n NOTE: currently the highest minTLSVersion allowed is VersionTLS12"
+ description: "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): \n minTLSVersion: VersionTLS11 \n NOTE: currently the highest minTLSVersion allowed is VersionTLS12"
enum:
- VersionTLS10
- VersionTLS11
@@ -760,15 +760,15 @@ spec:
type: string
type: object
intermediate:
- description: "intermediate is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2"
+ description: "intermediate is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: VersionTLS12"
nullable: true
type: object
modern:
- description: "modern is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3 \n NOTE: Currently unsupported."
+ description: "modern is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: VersionTLS13 \n NOTE: Currently unsupported."
nullable: true
type: object
old:
- description: "old is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0"
+ description: "old is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: VersionTLS10"
nullable: true
type: object
type:
@@ -1117,7 +1117,7 @@ spec:
type: string
type: array
minTLSVersion:
- description: "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): \n minTLSVersion: TLSv1.1 \n NOTE: currently the highest minTLSVersion allowed is VersionTLS12"
+ description: "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): \n minTLSVersion: VersionTLS11 \n NOTE: currently the highest minTLSVersion allowed is VersionTLS12"
enum:
- VersionTLS10
- VersionTLS11
diff --git a/crd-catalog/otterize/helm-charts/k8s.otterize.com/v1alpha2/clientintents.yaml b/crd-catalog/otterize/helm-charts/k8s.otterize.com/v1alpha2/clientintents.yaml
index ccbd43ede..da885cf9f 100644
--- a/crd-catalog/otterize/helm-charts/k8s.otterize.com/v1alpha2/clientintents.yaml
+++ b/crd-catalog/otterize/helm-charts/k8s.otterize.com/v1alpha2/clientintents.yaml
@@ -46,6 +46,8 @@ spec:
databaseResources:
items:
properties:
+ databaseName:
+ type: string
operations:
items:
enum:
@@ -59,6 +61,7 @@ spec:
table:
type: string
required:
+ - databaseName
- operations
- table
type: object
@@ -137,6 +140,10 @@ spec:
type: object
status:
description: IntentsStatus defines the observed state of ClientIntents
+ properties:
+ upToDate:
+ description: upToDate field reflects whether the client intents have successfully been applied to the cluster to the state specified
+ type: boolean
type: object
type: object
served: true
diff --git a/crd-catalog/otterize/helm-charts/k8s.otterize.com/v1alpha3/clientintents.yaml b/crd-catalog/otterize/helm-charts/k8s.otterize.com/v1alpha3/clientintents.yaml
index 6743bc8c7..a8f013072 100644
--- a/crd-catalog/otterize/helm-charts/k8s.otterize.com/v1alpha3/clientintents.yaml
+++ b/crd-catalog/otterize/helm-charts/k8s.otterize.com/v1alpha3/clientintents.yaml
@@ -73,6 +73,8 @@ spec:
databaseResources:
items:
properties:
+ databaseName:
+ type: string
operations:
items:
enum:
@@ -86,6 +88,7 @@ spec:
table:
type: string
required:
+ - databaseName
- operations
- table
type: object
diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml
index 0f51840bf..992734464 100644
--- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml
+++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml
@@ -467,7 +467,7 @@ spec:
type: string
type: object
trackTimestampsStaleness:
- description: "TrackTimestampsStaleness whether Prometheus tracks staleness of the metrics that have an explicit timestamps present in scraped data. Has no effect if `honorTimestamps` is false. \n It requires Prometheus >= v2.48.0."
+ description: "`trackTimestampsStaleness` defines whether Prometheus tracks staleness of the metrics that have an explicit timestamp present in scraped data. Has no effect if `honorTimestamps` is false. \n It requires Prometheus >= v2.48.0."
type: boolean
type: object
type: array
diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml
index eecdf1edd..a1884eed6 100644
--- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml
+++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml
@@ -3107,6 +3107,12 @@ spec:
queryLogFile:
description: "queryLogFile specifies where the file to which PromQL queries are logged. \n If the filename has an empty path, e.g. 'query.log', The Prometheus Pods will mount the file into an emptyDir volume at `/var/log/prometheus`. If a full path is provided, e.g. '/var/log/prometheus/query.log', you must mount a volume in the specified directory and it must be writable. This is because the prometheus container runs with a read-only root filesystem for security reasons. Alternatively, the location can be set to a standard I/O stream, e.g. `/dev/stdout`, to log query information to the default Prometheus log stream."
type: string
+ reloadStrategy:
+ description: Defines the strategy used to reload the Prometheus configuration. If not specified, the configuration is reloaded using the /-/reload HTTP endpoint.
+ enum:
+ - HTTP
+ - ProcessSignal
+ type: string
remoteRead:
description: Defines the list of remote read configurations.
items:
diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml
index 8de8a5212..379dfeb95 100644
--- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml
+++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml
@@ -448,7 +448,7 @@ spec:
type: string
type: object
trackTimestampsStaleness:
- description: "`trackTimestampsStaleness` defines whether Prometheus tracks staleness of the metrics that have an explicit timestamp present in scraped data. \n It requires Prometheus >= v2.48.0."
+ description: "`trackTimestampsStaleness` defines whether Prometheus tracks staleness of the metrics that have an explicit timestamp present in scraped data. Has no effect if `honorTimestamps` is false. \n It requires Prometheus >= v2.48.0."
type: boolean
type: object
type: array
diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml
index 7cada3c07..bc0c5e5fa 100644
--- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml
+++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml
@@ -1676,6 +1676,9 @@ spec:
items:
description: PushoverConfig configures notifications via Pushover. See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config
properties:
+ device:
+ description: The name of a device to send the notification to
+ type: string
expire:
description: How long your notification will continue to be retried for, unless the user acknowledges the notification.
pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$
diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml
index 2e5dfb4f1..14106bc74 100644
--- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml
+++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml
@@ -2752,6 +2752,12 @@ spec:
prometheusExternalLabelName:
description: "Name of Prometheus external label used to denote the Prometheus instance name. The external label will _not_ be added when the field is set to the empty string (`\"\"`). \n Default: \"prometheus\""
type: string
+ reloadStrategy:
+ description: Defines the strategy used to reload the Prometheus configuration. If not specified, the configuration is reloaded using the /-/reload HTTP endpoint.
+ enum:
+ - HTTP
+ - ProcessSignal
+ type: string
remoteWrite:
description: Defines the list of remote write configurations.
items:
diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml
index 28a10d968..07662f70a 100644
--- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml
+++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml
@@ -1586,6 +1586,9 @@ spec:
items:
description: PushoverConfig configures notifications via Pushover. See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config
properties:
+ device:
+ description: The name of a device to send the notification to
+ type: string
expire:
description: How long your notification will continue to be retried for, unless the user acknowledges the notification.
pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$
diff --git a/crd-catalog/ray-project/kuberay/ray.io/v1/rayclusters.yaml b/crd-catalog/ray-project/kuberay/ray.io/v1/rayclusters.yaml
index d3047d81d..477354992 100644
--- a/crd-catalog/ray-project/kuberay/ray.io/v1/rayclusters.yaml
+++ b/crd-catalog/ray-project/kuberay/ray.io/v1/rayclusters.yaml
@@ -7,6 +7,8 @@ metadata:
spec:
group: ray.io
names:
+ categories:
+ - all
kind: RayCluster
listKind: RayClusterList
plural: rayclusters
diff --git a/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml b/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml
index 58031b095..ad3e68869 100644
--- a/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml
+++ b/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml
@@ -7,6 +7,8 @@ metadata:
spec:
group: ray.io
names:
+ categories:
+ - all
kind: RayJob
listKind: RayJobList
plural: rayjobs
diff --git a/crd-catalog/ray-project/kuberay/ray.io/v1/rayservices.yaml b/crd-catalog/ray-project/kuberay/ray.io/v1/rayservices.yaml
index 95e499ef8..21506e958 100644
--- a/crd-catalog/ray-project/kuberay/ray.io/v1/rayservices.yaml
+++ b/crd-catalog/ray-project/kuberay/ray.io/v1/rayservices.yaml
@@ -7,6 +7,8 @@ metadata:
spec:
group: ray.io
names:
+ categories:
+ - all
kind: RayService
listKind: RayServiceList
plural: rayservices
diff --git a/crd-catalog/ray-project/kuberay/ray.io/v1alpha1/rayclusters.yaml b/crd-catalog/ray-project/kuberay/ray.io/v1alpha1/rayclusters.yaml
index aa73f6ec2..92d601e73 100644
--- a/crd-catalog/ray-project/kuberay/ray.io/v1alpha1/rayclusters.yaml
+++ b/crd-catalog/ray-project/kuberay/ray.io/v1alpha1/rayclusters.yaml
@@ -7,6 +7,8 @@ metadata:
spec:
group: ray.io
names:
+ categories:
+ - all
kind: RayCluster
listKind: RayClusterList
plural: rayclusters
diff --git a/crd-catalog/ray-project/kuberay/ray.io/v1alpha1/rayjobs.yaml b/crd-catalog/ray-project/kuberay/ray.io/v1alpha1/rayjobs.yaml
index 9768a259b..291bdd95b 100644
--- a/crd-catalog/ray-project/kuberay/ray.io/v1alpha1/rayjobs.yaml
+++ b/crd-catalog/ray-project/kuberay/ray.io/v1alpha1/rayjobs.yaml
@@ -7,6 +7,8 @@ metadata:
spec:
group: ray.io
names:
+ categories:
+ - all
kind: RayJob
listKind: RayJobList
plural: rayjobs
diff --git a/crd-catalog/ray-project/kuberay/ray.io/v1alpha1/rayservices.yaml b/crd-catalog/ray-project/kuberay/ray.io/v1alpha1/rayservices.yaml
index 4213a0c99..5528fce2c 100644
--- a/crd-catalog/ray-project/kuberay/ray.io/v1alpha1/rayservices.yaml
+++ b/crd-catalog/ray-project/kuberay/ray.io/v1alpha1/rayservices.yaml
@@ -7,6 +7,8 @@ metadata:
spec:
group: ray.io
names:
+ categories:
+ - all
kind: RayService
listKind: RayServiceList
plural: rayservices
diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephclusters.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephclusters.yaml
index 1457a523b..18e1eb3ed 100644
--- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephclusters.yaml
+++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephclusters.yaml
@@ -136,6 +136,32 @@ spec:
description: Disable determines whether we should enable the crash collector
type: boolean
type: object
+ csi:
+ description: CSI Driver Options applied per cluster.
+ properties:
+ cephfs:
+ description: CephFS defines CSI Driver settings for CephFS driver.
+ properties:
+ fuseMountOptions:
+ description: FuseMountOptions defines the mount options for ceph fuse mounter.
+ type: string
+ kernelMountOptions:
+ description: KernelMountOptions defines the mount options for kernel mounter.
+ type: string
+ type: object
+ readAffinity:
+ description: ReadAffinity defines the read affinity settings for CSI driver.
+ properties:
+ crushLocationLabels:
+ description: CrushLocationLabels defines which node labels to use as CRUSH location. This should correspond to the values set in the CRUSH map.
+ items:
+ type: string
+ type: array
+ enabled:
+ description: Enables read affinity for CSI driver.
+ type: boolean
+ type: object
+ type: object
dashboard:
description: Dashboard settings
nullable: true
@@ -186,6 +212,9 @@ spec:
description: PGHealthCheckTimeout is the time (in minutes) that the operator will wait for the placement groups to become healthy (active+clean) after a drain was completed and OSDs came back up. Rook will continue with the next drain if the timeout exceeds. It only works if managePodBudgets is true. No values or 0 means that the operator will wait until the placement groups are healthy before unblocking the next drain.
format: int64
type: integer
+ pgHealthyRegex:
+ description: PgHealthyRegex is the regular expression that is used to determine which PG states should be considered healthy. The default is `^(active\+clean|active\+clean\+scrubbing|active\+clean\+scrubbing\+deep)$`
+ type: string
type: object
external:
description: Whether the Ceph Cluster is running external to this Kubernetes cluster mon, mgr, osd, mds, and discover daemons will not be created for external clusters.
diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystemsubvolumegroups.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystemsubvolumegroups.yaml
index a3f1229c1..92931cadd 100644
--- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystemsubvolumegroups.yaml
+++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystemsubvolumegroups.yaml
@@ -36,6 +36,9 @@ spec:
filesystemName:
description: FilesystemName is the name of Ceph Filesystem SubVolumeGroup volume name. Typically it's the name of the CephFilesystem CR. If not coming from the CephFilesystem CR, it can be retrieved from the list of Ceph Filesystem volumes with `ceph fs volume ls`. To learn more about Ceph Filesystem abstractions see https://docs.ceph.com/en/latest/cephfs/fs-volumes/#fs-volumes-and-subvolumes
type: string
+ name:
+ description: The name of the subvolume group. If not set, the default is the name of the subvolumeGroup CR.
+ type: string
required:
- filesystemName
type: object
diff --git a/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha2/terraforms.yaml b/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha2/terraforms.yaml
index aaaa33b9a..12ffd7f9e 100644
--- a/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha2/terraforms.yaml
+++ b/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha2/terraforms.yaml
@@ -264,6 +264,14 @@ spec:
default: false
description: RefreshBeforeApply forces refreshing of the state before the apply step.
type: boolean
+ remediation:
+ description: Remediation specifies what the controller should do when reconciliation fails. The default is to not perform any action.
+ properties:
+ retries:
+ description: Retries is the number of retries that should be attempted on failures before bailing. Defaults to '0', a negative integer denotes unlimited retries.
+ format: int64
+ type: integer
+ type: object
retryInterval:
description: The interval at which to retry a previously failed reconciliation. The default value is 15 when not specified.
type: string
@@ -3207,6 +3215,10 @@ spec:
pending:
type: string
type: object
+ reconciliationFailures:
+ description: ReconciliationFailures is the number of reconciliation failures since the last success or update.
+ format: int64
+ type: integer
type: object
type: object
served: true
diff --git a/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/workspaces.rs b/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/workspaces.rs
index 349a40115..0c1a1ab7a 100644
--- a/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/workspaces.rs
+++ b/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/workspaces.rs
@@ -37,6 +37,9 @@ pub struct WorkspaceSpec {
pub notifications: Option>,
/// Organization name where the Workspace will be created. More information: - https://developer.hashicorp.com/terraform/cloud-docs/users-teams-organizations/organizations
pub organization: String,
+ /// Projects let you organize your workspaces into groups. Default: default organization project. More information: - https://developer.hashicorp.com/terraform/tutorials/cloud/projects
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub project: Option,
/// Remote state access between workspaces. By default, new workspaces in Terraform Cloud do not allow other workspaces to access their state. More information: - https://developer.hashicorp.com/terraform/cloud-docs/workspaces/state#accessing-state-from-other-workspaces
#[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteStateSharing")]
pub remote_state_sharing: Option,
@@ -182,6 +185,17 @@ pub enum WorkspaceNotificationsType {
Slack,
}
+/// Projects let you organize your workspaces into groups. Default: default organization project. More information: - https://developer.hashicorp.com/terraform/tutorials/cloud/projects
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct WorkspaceProject {
+ /// Project ID. Must match pattern: ^prj-[a-zA-Z0-9]+$
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub id: Option,
+ /// Project name.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub name: Option,
+}
+
/// Remote state access between workspaces. By default, new workspaces in Terraform Cloud do not allow other workspaces to access their state. More information: - https://developer.hashicorp.com/terraform/cloud-docs/workspaces/state#accessing-state-from-other-workspaces
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct WorkspaceRemoteStateSharing {
diff --git a/kube-custom-resources-rs/src/canaries_flanksource_com/v1/canaries.rs b/kube-custom-resources-rs/src/canaries_flanksource_com/v1/canaries.rs
index 22038af92..c4ff2f9b8 100644
--- a/kube-custom-resources-rs/src/canaries_flanksource_com/v1/canaries.rs
+++ b/kube-custom-resources-rs/src/canaries_flanksource_com/v1/canaries.rs
@@ -2284,6 +2284,9 @@ pub struct CanaryEnvSecretKeyRef {
#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct CanaryExec {
+ /// Artifacts configure the artifacts generated by the check
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub artifacts: Option>,
/// Checkout details the git repository that should be mounted to the process
#[serde(default, skip_serializing_if = "Option::is_none")]
pub checkout: Option,
@@ -2322,6 +2325,12 @@ pub struct CanaryExec {
pub transform_delete_strategy: Option,
}
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct CanaryExecArtifacts {
+ /// Path to the artifact on the check runner. Special paths: /dev/stdout & /dev/stdin
+ pub path: String,
+}
+
/// Checkout details the git repository that should be mounted to the process
#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct CanaryExecCheckout {
@@ -3925,6 +3934,9 @@ pub struct CanaryJmeterMetricsLabels {
#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct CanaryJunit {
+ /// Artifacts configure the artifacts generated by the check
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub artifacts: Option>,
/// Description for the check
#[serde(default, skip_serializing_if = "Option::is_none")]
pub description: Option,
@@ -3959,6 +3971,12 @@ pub struct CanaryJunit {
pub transform_delete_strategy: Option,
}
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct CanaryJunitArtifacts {
+ /// Path to the artifact on the check runner. Special paths: /dev/stdout & /dev/stdin
+ pub path: String,
+}
+
#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct CanaryJunitDisplay {
#[serde(default, skip_serializing_if = "Option::is_none")]
diff --git a/kube-custom-resources-rs/src/capsule_clastix_io/v1beta1/tenants.rs b/kube-custom-resources-rs/src/capsule_clastix_io/v1beta1/tenants.rs
index ccb6da569..f4e3dedb8 100644
--- a/kube-custom-resources-rs/src/capsule_clastix_io/v1beta1/tenants.rs
+++ b/kube-custom-resources-rs/src/capsule_clastix_io/v1beta1/tenants.rs
@@ -537,6 +537,12 @@ pub struct TenantServiceOptions {
/// Specifies the external IPs that can be used in Services with type ClusterIP. An empty list means no IPs are allowed. Optional.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "externalIPs")]
pub external_i_ps: Option,
+ /// Define the annotations that a Tenant Owner cannot set for their Service resources.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "forbiddenAnnotations")]
+ pub forbidden_annotations: Option,
+ /// Define the labels that a Tenant Owner cannot set for their Service resources.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "forbiddenLabels")]
+ pub forbidden_labels: Option,
}
/// Specifies additional labels and annotations the Capsule operator places on any Service resource in the Tenant. Optional.
@@ -568,6 +574,24 @@ pub struct TenantServiceOptionsExternalIPs {
pub allowed: Vec,
}
+/// Define the annotations that a Tenant Owner cannot set for their Service resources.
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TenantServiceOptionsForbiddenAnnotations {
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub denied: Option>,
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "deniedRegex")]
+ pub denied_regex: Option,
+}
+
+/// Define the labels that a Tenant Owner cannot set for their Service resources.
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TenantServiceOptionsForbiddenLabels {
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub denied: Option>,
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "deniedRegex")]
+ pub denied_regex: Option,
+}
+
/// Specifies the allowed StorageClasses assigned to the Tenant. Capsule assures that all PersistentVolumeClaim resources created in the Tenant can use only one of the allowed StorageClasses. Optional.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct TenantStorageClasses {
diff --git a/kube-custom-resources-rs/src/capsule_clastix_io/v1beta2/tenants.rs b/kube-custom-resources-rs/src/capsule_clastix_io/v1beta2/tenants.rs
index d5e187e9b..91e7f8fc0 100644
--- a/kube-custom-resources-rs/src/capsule_clastix_io/v1beta2/tenants.rs
+++ b/kube-custom-resources-rs/src/capsule_clastix_io/v1beta2/tenants.rs
@@ -42,6 +42,9 @@ pub struct TenantSpec {
pub node_selector: Option>,
/// Specifies the owners of the Tenant. Mandatory.
pub owners: Vec,
+ /// Specifies options for the Pods deployed in the Tenant namespaces, such as additional metadata.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "podOptions")]
+ pub pod_options: Option,
/// Prevent accidental deletion of the Tenant. When enabled, the deletion request will be declined.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "preventDeletion")]
pub prevent_deletion: Option,
@@ -525,6 +528,23 @@ pub enum TenantOwnersProxySettingsKind {
PersistentVolumes,
}
+/// Specifies options for the Pods deployed in the Tenant namespaces, such as additional metadata.
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TenantPodOptions {
+ /// Specifies additional labels and annotations the Capsule operator places on any Pod resource in the Tenant. Optional.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "additionalMetadata")]
+ pub additional_metadata: Option,
+}
+
+/// Specifies additional labels and annotations the Capsule operator places on any Pod resource in the Tenant. Optional.
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TenantPodOptionsAdditionalMetadata {
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub annotations: Option>,
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub labels: Option>,
+}
+
/// Specifies the allowed priorityClasses assigned to the Tenant. Capsule assures that all Pods resources created in the Tenant can use only one of the allowed PriorityClasses. A default value can be specified, and all the Pod resources created will inherit the declared class. Optional.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct TenantPriorityClasses {
@@ -645,6 +665,12 @@ pub struct TenantServiceOptions {
/// Specifies the external IPs that can be used in Services with type ClusterIP. An empty list means no IPs are allowed. Optional.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "externalIPs")]
pub external_i_ps: Option,
+ /// Define the annotations that a Tenant Owner cannot set for their Service resources.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "forbiddenAnnotations")]
+ pub forbidden_annotations: Option,
+ /// Define the labels that a Tenant Owner cannot set for their Service resources.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "forbiddenLabels")]
+ pub forbidden_labels: Option,
}
/// Specifies additional labels and annotations the Capsule operator places on any Service resource in the Tenant. Optional.
@@ -676,6 +702,24 @@ pub struct TenantServiceOptionsExternalIPs {
pub allowed: Vec,
}
+/// Define the annotations that a Tenant Owner cannot set for their Service resources.
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TenantServiceOptionsForbiddenAnnotations {
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub denied: Option>,
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "deniedRegex")]
+ pub denied_regex: Option,
+}
+
+/// Define the labels that a Tenant Owner cannot set for their Service resources.
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TenantServiceOptionsForbiddenLabels {
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub denied: Option>,
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "deniedRegex")]
+ pub denied_regex: Option,
+}
+
/// Specifies the allowed StorageClasses assigned to the Tenant. Capsule assures that all PersistentVolumeClaim resources created in the Tenant can use only one of the allowed StorageClasses. A default value can be specified, and all the PersistentVolumeClaim resources created will inherit the declared class. Optional.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct TenantStorageClasses {
diff --git a/kube-custom-resources-rs/src/ceph_rook_io/v1/cephfilesystemsubvolumegroups.rs b/kube-custom-resources-rs/src/ceph_rook_io/v1/cephfilesystemsubvolumegroups.rs
index 497542e59..5862b498f 100644
--- a/kube-custom-resources-rs/src/ceph_rook_io/v1/cephfilesystemsubvolumegroups.rs
+++ b/kube-custom-resources-rs/src/ceph_rook_io/v1/cephfilesystemsubvolumegroups.rs
@@ -16,6 +16,9 @@ pub struct CephFilesystemSubVolumeGroupSpec {
/// FilesystemName is the name of Ceph Filesystem SubVolumeGroup volume name. Typically it's the name of the CephFilesystem CR. If not coming from the CephFilesystem CR, it can be retrieved from the list of Ceph Filesystem volumes with `ceph fs volume ls`. To learn more about Ceph Filesystem abstractions see https://docs.ceph.com/en/latest/cephfs/fs-volumes/#fs-volumes-and-subvolumes
#[serde(rename = "filesystemName")]
pub filesystem_name: String,
+ /// The name of the subvolume group. If not set, the default is the name of the subvolumeGroup CR.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub name: Option,
}
/// Status represents the status of a CephFilesystem SubvolumeGroup
diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinesets.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinesets.rs
index 849045855..7a48caaff 100644
--- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinesets.rs
+++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinesets.rs
@@ -22,7 +22,8 @@ pub struct MachineSetSpec {
/// MinReadySeconds is the minimum number of seconds for which a Node for a newly created machine should be ready before considering the replica available. Defaults to 0 (machine will be considered available as soon as the Node is ready)
#[serde(default, skip_serializing_if = "Option::is_none", rename = "minReadySeconds")]
pub min_ready_seconds: Option,
- /// Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1.
+ /// Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified.
+ /// Defaults to: * if the Kubernetes autoscaler min size and max size annotations are set: - if it's a new MachineSet, use min size - if the replicas field of the old MachineSet is < min size, use min size - if the replicas field of the old MachineSet is > max size, use max size - if the replicas field of the old MachineSet is in the (min size, max size) range, keep the value from the oldMS * otherwise use 1 Note: Defaulting will be run whenever the replicas field is not set: * A new MachineSet is created with replicas not set. * On an existing MachineSet the replicas field was first set and is now unset. Those cases are especially relevant for the following Kubernetes autoscaler use cases: * A new MachineSet is created and replicas should be managed by the autoscaler * An existing MachineSet which initially wasn't controlled by the autoscaler should be later controlled by the autoscaler
#[serde(default, skip_serializing_if = "Option::is_none")]
pub replicas: Option,
/// Selector is a label query over machines that should match the replica count. Label keys and values that must match in order to be controlled by this MachineSet. It must match the machine template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
diff --git a/kube-custom-resources-rs/src/config_openshift_io/v1/apiservers.rs b/kube-custom-resources-rs/src/config_openshift_io/v1/apiservers.rs
index bc8536994..3a3706ac5 100644
--- a/kube-custom-resources-rs/src/config_openshift_io/v1/apiservers.rs
+++ b/kube-custom-resources-rs/src/config_openshift_io/v1/apiservers.rs
@@ -27,7 +27,7 @@ pub struct APIServerSpec {
#[serde(default, skip_serializing_if = "Option::is_none", rename = "servingCerts")]
pub serving_certs: Option,
/// tlsSecurityProfile specifies settings for TLS connections for externally exposed servers.
- /// If unset, a default (which may change between releases) is chosen. Note that only Old, Intermediate and Custom profiles are currently supported, and the maximum available MinTLSVersions is VersionTLS12.
+ /// If unset, a default (which may change between releases) is chosen. Note that only Old, Intermediate and Custom profiles are currently supported, and the maximum available minTLSVersion is VersionTLS12.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsSecurityProfile")]
pub tls_security_profile: Option,
}
@@ -132,30 +132,30 @@ pub struct APIServerServingCertsNamedCertificatesServingCertificate {
}
/// tlsSecurityProfile specifies settings for TLS connections for externally exposed servers.
-/// If unset, a default (which may change between releases) is chosen. Note that only Old, Intermediate and Custom profiles are currently supported, and the maximum available MinTLSVersions is VersionTLS12.
+/// If unset, a default (which may change between releases) is chosen. Note that only Old, Intermediate and Custom profiles are currently supported, and the maximum available minTLSVersion is VersionTLS12.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct APIServerTlsSecurityProfile {
/// custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this:
- /// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1
+ /// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: VersionTLS11
#[serde(default, skip_serializing_if = "Option::is_none")]
pub custom: Option,
/// intermediate is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29
/// and looks like this (yaml):
- /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2
+ /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: VersionTLS12
#[serde(default, skip_serializing_if = "Option::is_none")]
pub intermediate: Option,
/// modern is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
/// and looks like this (yaml):
- /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3
+ /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: VersionTLS13
/// NOTE: Currently unsupported.
#[serde(default, skip_serializing_if = "Option::is_none")]
pub modern: Option,
/// old is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility
/// and looks like this (yaml):
- /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0
+ /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: VersionTLS10
#[serde(default, skip_serializing_if = "Option::is_none")]
pub old: Option,
/// type is one of Old, Intermediate, Modern or Custom. Custom provides the ability to specify individual TLS security profile parameters. Old, Intermediate and Modern are TLS security profiles based on:
@@ -167,7 +167,7 @@ pub struct APIServerTlsSecurityProfile {
}
/// custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this:
-/// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1
+/// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: VersionTLS11
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct APIServerTlsSecurityProfileCustom {
/// ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries their operands do not support. For example, to use DES-CBC3-SHA (yaml):
@@ -175,14 +175,14 @@ pub struct APIServerTlsSecurityProfileCustom {
#[serde(default, skip_serializing_if = "Option::is_none")]
pub ciphers: Option>,
/// minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml):
- /// minTLSVersion: TLSv1.1
+ /// minTLSVersion: VersionTLS11
/// NOTE: currently the highest minTLSVersion allowed is VersionTLS12
#[serde(default, skip_serializing_if = "Option::is_none", rename = "minTLSVersion")]
pub min_tls_version: Option,
}
/// custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this:
-/// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1
+/// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: VersionTLS11
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub enum APIServerTlsSecurityProfileCustomMinTlsVersion {
#[serde(rename = "VersionTLS10")]
@@ -198,7 +198,7 @@ pub enum APIServerTlsSecurityProfileCustomMinTlsVersion {
/// intermediate is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29
/// and looks like this (yaml):
-/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2
+/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: VersionTLS12
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct APIServerTlsSecurityProfileIntermediate {
}
@@ -206,7 +206,7 @@ pub struct APIServerTlsSecurityProfileIntermediate {
/// modern is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
/// and looks like this (yaml):
-/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3
+/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: VersionTLS13
/// NOTE: Currently unsupported.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct APIServerTlsSecurityProfileModern {
@@ -215,13 +215,13 @@ pub struct APIServerTlsSecurityProfileModern {
/// old is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility
/// and looks like this (yaml):
-/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0
+/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: VersionTLS10
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct APIServerTlsSecurityProfileOld {
}
/// tlsSecurityProfile specifies settings for TLS connections for externally exposed servers.
-/// If unset, a default (which may change between releases) is chosen. Note that only Old, Intermediate and Custom profiles are currently supported, and the maximum available MinTLSVersions is VersionTLS12.
+/// If unset, a default (which may change between releases) is chosen. Note that only Old, Intermediate and Custom profiles are currently supported, and the maximum available minTLSVersion is VersionTLS12.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub enum APIServerTlsSecurityProfileType {
Old,
diff --git a/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/clustercollectedstatuses.rs b/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/clustercollectedstatuses.rs
index 0e75e1110..a269f6adc 100644
--- a/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/clustercollectedstatuses.rs
+++ b/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/clustercollectedstatuses.rs
@@ -2,7 +2,7 @@
// kopium command: kopium --docs --filename=./crd-catalog/kubewharf/kubeadmiral/core.kubeadmiral.io/v1alpha1/clustercollectedstatuses.yaml --derive=Default --derive=PartialEq
// kopium version: 0.16.2
-
+use kube::CustomResource;
use serde::{Serialize, Deserialize};
use std::collections::HashMap;
diff --git a/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/clusterpropagatedversions.rs b/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/clusterpropagatedversions.rs
index 8bd228be4..34b5d552c 100644
--- a/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/clusterpropagatedversions.rs
+++ b/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/clusterpropagatedversions.rs
@@ -2,7 +2,7 @@
// kopium command: kopium --docs --filename=./crd-catalog/kubewharf/kubeadmiral/core.kubeadmiral.io/v1alpha1/clusterpropagatedversions.yaml --derive=Default --derive=PartialEq
// kopium version: 0.16.2
-
+use kube::CustomResource;
use serde::{Serialize, Deserialize};
/// PropagatedVersionStatus defines the observed state of PropagatedVersion
diff --git a/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/clusterpropagationpolicies.rs b/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/clusterpropagationpolicies.rs
index 78e902f16..b1c471834 100644
--- a/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/clusterpropagationpolicies.rs
+++ b/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/clusterpropagationpolicies.rs
@@ -29,6 +29,9 @@ pub struct ClusterPropagationPolicySpec {
/// Placement is an explicit list of clusters used to select member clusters to propagate resources to.
#[serde(default, skip_serializing_if = "Option::is_none")]
pub placement: Option>,
+ /// ReplicasStrategy is the strategy used for scheduling replicas.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "replicasStrategy")]
+ pub replicas_strategy: Option,
/// Configures behaviors related to rescheduling.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "reschedulePolicy")]
pub reschedule_policy: Option,
@@ -131,11 +134,20 @@ pub struct ClusterPropagationPolicyPlacementPreferences {
/// Minimum number of replicas that should be assigned to this cluster workload object. 0 by default.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "minReplicas")]
pub min_replicas: Option,
- /// A number expressing the preference to put an additional replica to this cluster workload object.
+ /// A number expressing the priority of the cluster. The higher the value, the higher the priority. When selecting clusters for propagation, clusters with higher priority are preferred. When the Binpack ReplicasStrategy is selected, replicas will be scheduled to clusters with higher priority first.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub priority: Option,
+ /// A number expressing the preference to put an additional replica to this cluster workload object. It will not take effect when ReplicasStrategy is Binpack.
#[serde(default, skip_serializing_if = "Option::is_none")]
pub weight: Option,
}
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub enum ClusterPropagationPolicyReplicasStrategy {
+ Binpack,
+ Spread,
+}
+
/// Configures behaviors related to rescheduling.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct ClusterPropagationPolicyReschedulePolicy {
diff --git a/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/collectedstatuses.rs b/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/collectedstatuses.rs
index 589d9be7f..cb2b6fd21 100644
--- a/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/collectedstatuses.rs
+++ b/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/collectedstatuses.rs
@@ -2,7 +2,7 @@
// kopium command: kopium --docs --filename=./crd-catalog/kubewharf/kubeadmiral/core.kubeadmiral.io/v1alpha1/collectedstatuses.yaml --derive=Default --derive=PartialEq
// kopium version: 0.16.2
-
+use kube::CustomResource;
use serde::{Serialize, Deserialize};
use std::collections::HashMap;
diff --git a/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/propagatedversions.rs b/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/propagatedversions.rs
index e76b889bd..699d4724e 100644
--- a/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/propagatedversions.rs
+++ b/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/propagatedversions.rs
@@ -2,7 +2,7 @@
// kopium command: kopium --docs --filename=./crd-catalog/kubewharf/kubeadmiral/core.kubeadmiral.io/v1alpha1/propagatedversions.yaml --derive=Default --derive=PartialEq
// kopium version: 0.16.2
-
+use kube::CustomResource;
use serde::{Serialize, Deserialize};
/// PropagatedVersionStatus defines the observed state of PropagatedVersion
diff --git a/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/propagationpolicies.rs b/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/propagationpolicies.rs
index 0d703725d..96e6414db 100644
--- a/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/propagationpolicies.rs
+++ b/kube-custom-resources-rs/src/core_kubeadmiral_io/v1alpha1/propagationpolicies.rs
@@ -30,6 +30,9 @@ pub struct PropagationPolicySpec {
/// Placement is an explicit list of clusters used to select member clusters to propagate resources to.
#[serde(default, skip_serializing_if = "Option::is_none")]
pub placement: Option>,
+ /// ReplicasStrategy is the strategy used for scheduling replicas.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "replicasStrategy")]
+ pub replicas_strategy: Option,
/// Configures behaviors related to rescheduling.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "reschedulePolicy")]
pub reschedule_policy: Option,
@@ -132,11 +135,20 @@ pub struct PropagationPolicyPlacementPreferences {
/// Minimum number of replicas that should be assigned to this cluster workload object. 0 by default.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "minReplicas")]
pub min_replicas: Option,
- /// A number expressing the preference to put an additional replica to this cluster workload object.
+ /// A number expressing the priority of the cluster. The higher the value, the higher the priority. When selecting clusters for propagation, clusters with higher priority are preferred. When the Binpack ReplicasStrategy is selected, replicas will be scheduled to clusters with higher priority first.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub priority: Option,
+ /// A number expressing the preference to put an additional replica to this cluster workload object. It will not take effect when ReplicasStrategy is Binpack.
#[serde(default, skip_serializing_if = "Option::is_none")]
pub weight: Option,
}
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub enum PropagationPolicyReplicasStrategy {
+ Binpack,
+ Spread,
+}
+
/// Configures behaviors related to rescheduling.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct PropagationPolicyReschedulePolicy {
diff --git a/kube-custom-resources-rs/src/data_fluid_io/v1alpha1/dataloads.rs b/kube-custom-resources-rs/src/data_fluid_io/v1alpha1/dataloads.rs
index a55913eee..771f9e4d2 100644
--- a/kube-custom-resources-rs/src/data_fluid_io/v1alpha1/dataloads.rs
+++ b/kube-custom-resources-rs/src/data_fluid_io/v1alpha1/dataloads.rs
@@ -5,6 +5,7 @@
use kube::CustomResource;
use serde::{Serialize, Deserialize};
use std::collections::BTreeMap;
+use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString;
/// DataLoadSpec defines the desired state of DataLoad
#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, PartialEq)]
@@ -34,6 +35,9 @@ pub struct DataLoadSpec {
/// including Once, Cron, OnEvent
#[serde(default, skip_serializing_if = "Option::is_none")]
pub policy: Option,
+ /// Resources that will be requested by the DataLoad job.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub resources: Option,
/// Specifies that the preceding operation in a workflow
#[serde(default, skip_serializing_if = "Option::is_none", rename = "runAfter")]
pub run_after: Option,
@@ -489,6 +493,17 @@ pub enum DataLoadPolicy {
OnEvent,
}
+/// Resources that will be requested by the DataLoad job.
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct DataLoadResources {
+ /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub limits: Option>,
+ /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub requests: Option>,
+}
+
/// Specifies that the preceding operation in a workflow
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct DataLoadRunAfter {
diff --git a/kube-custom-resources-rs/src/flagger_app/v1beta1/canaries.rs b/kube-custom-resources-rs/src/flagger_app/v1beta1/canaries.rs
index 43fdeb080..245a21008 100644
--- a/kube-custom-resources-rs/src/flagger_app/v1beta1/canaries.rs
+++ b/kube-custom-resources-rs/src/flagger_app/v1beta1/canaries.rs
@@ -243,6 +243,9 @@ pub struct CanaryAnalysisWebhooks {
pub mute_alert: Option,
/// Name of the webhook
pub name: String,
+ /// Number of retries for this webhook
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub retries: Option,
/// Request timeout for this webhook
#[serde(default, skip_serializing_if = "Option::is_none")]
pub timeout: Option,
diff --git a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta1/flowcollectors.rs b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta1/flowcollectors.rs
index 7ab128486..5dff87be3 100644
--- a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta1/flowcollectors.rs
+++ b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta1/flowcollectors.rs
@@ -68,7 +68,7 @@ pub struct FlowCollectorAgentEbpf {
/// `excludeInterfaces` contains the interface names that are excluded from flow tracing. An entry enclosed by slashes, such as `/br-/`, is matched as a regular expression. Otherwise it is matched as a case-sensitive string.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "excludeInterfaces")]
pub exclude_interfaces: Option>,
- /// List of additional features to enable. They are all disabled by default. Enabling additional features might have performance impacts. Possible values are:
- `PacketDrop`: enable the packets drop flows logging feature. This feature requires mounting the kernel debug filesystem, so the eBPF pod has to run as privileged. If the `spec.agent.eBPF.privileged` parameter is not set, an error is reported.
- `DNSTracking`: enable the DNS tracking feature. This feature requires mounting the kernel debug filesystem hence the eBPF pod has to run as privileged. If the `spec.agent.eBPF.privileged` parameter is not set, an error is reported.
- `FlowRTT` [unsupported (*)]: enable flow latency (RTT) calculations in the eBPF agent during TCP handshakes. This feature better works with `sampling` set to 1.
+ /// List of additional features to enable. They are all disabled by default. Enabling additional features might have performance impacts. Possible values are:
- `PacketDrop`: enable the packets drop flows logging feature. This feature requires mounting the kernel debug filesystem, so the eBPF pod has to run as privileged. If the `spec.agent.eBPF.privileged` parameter is not set, an error is reported.
- `DNSTracking`: enable the DNS tracking feature.
- `FlowRTT` [unsupported (*)]: enable flow latency (RTT) calculations in the eBPF agent during TCP handshakes. This feature better works with `sampling` set to 1.
#[serde(default, skip_serializing_if = "Option::is_none")]
pub features: Option>,
/// `imagePullPolicy` is the Kubernetes pull policy for the image defined above
@@ -1260,6 +1260,9 @@ pub struct FlowCollectorProcessor {
/// `Metrics` define the processor configuration regarding metrics
#[serde(default, skip_serializing_if = "Option::is_none")]
pub metrics: Option,
+ /// Set `multiClusterDeployment` to `true` to enable multi clusters feature. This will add clusterName label to flows data
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "multiClusterDeployment")]
+ pub multi_cluster_deployment: Option,
/// Port of the flow collector (host port). By convention, some values are forbidden. It must be greater than 1024 and different from 4500, 4789 and 6081.
#[serde(default, skip_serializing_if = "Option::is_none")]
pub port: Option,
@@ -1623,7 +1626,7 @@ pub struct FlowCollectorProcessorMetrics {
/// `ignoreTags` [deprecated (*)] is a list of tags to specify which metrics to ignore. Each metric is associated with a list of tags. More details in https://github.com/netobserv/network-observability-operator/tree/main/controllers/flowlogspipeline/metrics_definitions . Available tags are: `egress`, `ingress`, `flows`, `bytes`, `packets`, `namespaces`, `nodes`, `workloads`, `nodes-flows`, `namespaces-flows`, `workloads-flows`. Namespace-based metrics are covered by both `workloads` and `namespaces` tags, hence it is recommended to always ignore one of them (`workloads` offering a finer granularity).
Deprecation notice: use `includeList` instead.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "ignoreTags")]
pub ignore_tags: Option>,
- /// `includeList` is a list of metric names to specify which ones to generate. The names correspond to the names in Prometheus without the prefix. For example, `namespace_egress_packets_total` will show up as `netobserv_namespace_egress_packets_total` in Prometheus. Note that the more metrics you add, the bigger is the impact on Prometheus workload resources. Metrics enabled by default are: `namespace_flows_total`, `node_ingress_bytes_total`, `workload_ingress_bytes_total`, `namespace_drop_packets_total` (when `PacketDrop` feature is enabled), `namespace_rtt_seconds` (when `FlowRTT` feature is enabled). More information, with full list of available metrics: https://github.com/netobserv/network-observability-operator/blob/main/docs/Metrics.md
+ /// `includeList` is a list of metric names to specify which ones to generate. The names correspond to the names in Prometheus without the prefix. For example, `namespace_egress_packets_total` will show up as `netobserv_namespace_egress_packets_total` in Prometheus. Note that the more metrics you add, the bigger is the impact on Prometheus workload resources. Metrics enabled by default are: `namespace_flows_total`, `node_ingress_bytes_total`, `workload_ingress_bytes_total`, `namespace_drop_packets_total` (when `PacketDrop` feature is enabled), `namespace_rtt_seconds` (when `FlowRTT` feature is enabled), `namespace_dns_latency_seconds` (when `DNSTracking` feature is enabled). More information, with full list of available metrics: https://github.com/netobserv/network-observability-operator/blob/main/docs/Metrics.md
#[serde(default, skip_serializing_if = "Option::is_none", rename = "includeList")]
pub include_list: Option>,
/// Metrics server endpoint configuration for Prometheus scraper
diff --git a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs
index fe446ef23..c0a40cddc 100644
--- a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs
+++ b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs
@@ -68,7 +68,7 @@ pub struct FlowCollectorAgentEbpf {
/// `excludeInterfaces` contains the interface names that are excluded from flow tracing. An entry enclosed by slashes, such as `/br-/`, is matched as a regular expression. Otherwise it is matched as a case-sensitive string.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "excludeInterfaces")]
pub exclude_interfaces: Option>,
- /// List of additional features to enable. They are all disabled by default. Enabling additional features might have performance impacts. Possible values are:
- `PacketDrop`: enable the packets drop flows logging feature. This feature requires mounting the kernel debug filesystem, so the eBPF pod has to run as privileged. If the `spec.agent.eBPF.privileged` parameter is not set, an error is reported.
- `DNSTracking`: enable the DNS tracking feature. This feature requires mounting the kernel debug filesystem hence the eBPF pod has to run as privileged. If the `spec.agent.eBPF.privileged` parameter is not set, an error is reported.
- `FlowRTT` [unsupported (*)]: enable flow latency (RTT) calculations in the eBPF agent during TCP handshakes. This feature better works with `sampling` set to 1.
+ /// List of additional features to enable. They are all disabled by default. Enabling additional features might have performance impacts. Possible values are:
- `PacketDrop`: enable the packets drop flows logging feature. This feature requires mounting the kernel debug filesystem, so the eBPF pod has to run as privileged. If the `spec.agent.eBPF.privileged` parameter is not set, an error is reported.
- `DNSTracking`: enable the DNS tracking feature.
- `FlowRTT` [unsupported (*)]: enable flow latency (RTT) calculations in the eBPF agent during TCP handshakes. This feature better works with `sampling` set to 1.
#[serde(default, skip_serializing_if = "Option::is_none")]
pub features: Option>,
/// `imagePullPolicy` is the Kubernetes pull policy for the image defined above
@@ -1481,6 +1481,9 @@ pub struct FlowCollectorProcessor {
/// `Metrics` define the processor configuration regarding metrics
#[serde(default, skip_serializing_if = "Option::is_none")]
pub metrics: Option,
+ /// Set `multiClusterDeployment` to `true` to enable multi clusters feature. This will add clusterName label to flows data
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "multiClusterDeployment")]
+ pub multi_cluster_deployment: Option,
/// Port of the flow collector (host port). By convention, some values are forbidden. It must be greater than 1024 and different from 4500, 4789 and 6081.
#[serde(default, skip_serializing_if = "Option::is_none")]
pub port: Option,
@@ -1841,7 +1844,7 @@ pub struct FlowCollectorProcessorMetrics {
/// `disableAlerts` is a list of alerts that should be disabled. Possible values are:
`NetObservNoFlows`, which is triggered when no flows are being observed for a certain period.
`NetObservLokiError`, which is triggered when flows are being dropped due to Loki errors.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "disableAlerts")]
pub disable_alerts: Option>,
- /// `includeList` is a list of metric names to specify which ones to generate. The names correspond to the names in Prometheus without the prefix. For example, `namespace_egress_packets_total` will show up as `netobserv_namespace_egress_packets_total` in Prometheus. Note that the more metrics you add, the bigger is the impact on Prometheus workload resources. Metrics enabled by default are: `namespace_flows_total`, `node_ingress_bytes_total`, `workload_ingress_bytes_total`, `namespace_drop_packets_total` (when `PacketDrop` feature is enabled), `namespace_rtt_seconds` (when `FlowRTT` feature is enabled). More information, with full list of available metrics: https://github.com/netobserv/network-observability-operator/blob/main/docs/Metrics.md
+ /// `includeList` is a list of metric names to specify which ones to generate. The names correspond to the names in Prometheus without the prefix. For example, `namespace_egress_packets_total` will show up as `netobserv_namespace_egress_packets_total` in Prometheus. Note that the more metrics you add, the bigger is the impact on Prometheus workload resources. Metrics enabled by default are: `namespace_flows_total`, `node_ingress_bytes_total`, `workload_ingress_bytes_total`, `namespace_drop_packets_total` (when `PacketDrop` feature is enabled), `namespace_rtt_seconds` (when `FlowRTT` feature is enabled), `namespace_dns_latency_seconds` (when `DNSTracking` feature is enabled). More information, with full list of available metrics: https://github.com/netobserv/network-observability-operator/blob/main/docs/Metrics.md
#[serde(default, skip_serializing_if = "Option::is_none", rename = "includeList")]
pub include_list: Option>,
/// Metrics server endpoint configuration for Prometheus scraper
diff --git a/kube-custom-resources-rs/src/helm_toolkit_fluxcd_io/v2beta2/helmreleases.rs b/kube-custom-resources-rs/src/helm_toolkit_fluxcd_io/v2beta2/helmreleases.rs
index 286006144..0c74d1592 100644
--- a/kube-custom-resources-rs/src/helm_toolkit_fluxcd_io/v2beta2/helmreleases.rs
+++ b/kube-custom-resources-rs/src/helm_toolkit_fluxcd_io/v2beta2/helmreleases.rs
@@ -19,6 +19,9 @@ pub struct HelmReleaseSpec {
/// DependsOn may contain a meta.NamespacedObjectReference slice with references to HelmRelease resources that must be ready before this HelmRelease can be reconciled.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "dependsOn")]
pub depends_on: Option>,
+ /// DriftDetection holds the configuration for detecting and handling differences between the manifest in the Helm storage and the resources currently existing in the cluster.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "driftDetection")]
+ pub drift_detection: Option,
/// Install holds the configuration for Helm install actions for this HelmRelease.
#[serde(default, skip_serializing_if = "Option::is_none")]
pub install: Option,
@@ -190,6 +193,64 @@ pub struct HelmReleaseDependsOn {
pub namespace: Option,
}
+/// DriftDetection holds the configuration for detecting and handling differences between the manifest in the Helm storage and the resources currently existing in the cluster.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct HelmReleaseDriftDetection {
+ /// Ignore contains a list of rules for specifying which changes to ignore during diffing.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub ignore: Option>,
+ /// Mode defines how differences should be handled between the Helm manifest and the manifest currently applied to the cluster. If not explicitly set, it defaults to DiffModeDisabled.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub mode: Option,
+}
+
+/// IgnoreRule defines a rule to selectively disregard specific changes during the drift detection process.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct HelmReleaseDriftDetectionIgnore {
+ /// Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from consideration in a Kubernetes object.
+ pub paths: Vec,
+ /// Target is a selector for specifying Kubernetes objects to which this rule applies. If Target is not set, the Paths will be ignored for all Kubernetes objects within the manifest of the Helm release.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub target: Option,
+}
+
+/// Target is a selector for specifying Kubernetes objects to which this rule applies. If Target is not set, the Paths will be ignored for all Kubernetes objects within the manifest of the Helm release.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct HelmReleaseDriftDetectionIgnoreTarget {
+ /// AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelector")]
+ pub annotation_selector: Option,
+ /// Group is the API group to select resources from. Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub group: Option,
+ /// Kind of the API Group to select resources from. Together with Group and Version it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub kind: Option,
+ /// LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")]
+ pub label_selector: Option,
+ /// Name to match resources with.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub name: Option,
+ /// Namespace to select resources from.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub namespace: Option,
+ /// Version of the API Group to select resources from. Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub version: Option,
+}
+
+/// DriftDetection holds the configuration for detecting and handling differences between the manifest in the Helm storage and the resources currently existing in the cluster.
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub enum HelmReleaseDriftDetectionMode {
+ #[serde(rename = "enabled")]
+ Enabled,
+ #[serde(rename = "warn")]
+ Warn,
+ #[serde(rename = "disabled")]
+ Disabled,
+}
+
/// Install holds the configuration for Helm install actions for this HelmRelease.
#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct HelmReleaseInstall {
diff --git a/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha2/terraforms.rs b/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha2/terraforms.rs
index 1ae1336fa..7ea26374e 100644
--- a/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha2/terraforms.rs
+++ b/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha2/terraforms.rs
@@ -79,6 +79,9 @@ pub struct TerraformSpec {
/// RefreshBeforeApply forces refreshing of the state before the apply step.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshBeforeApply")]
pub refresh_before_apply: Option,
+ /// Remediation specifies what the controller should do when reconciliation fails. The default is to not perform any action.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub remediation: Option,
/// The interval at which to retry a previously failed reconciliation. The default value is 15 when not specified.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "retryInterval")]
pub retry_interval: Option,
@@ -272,6 +275,14 @@ pub struct TerraformReadInputsFromSecrets {
pub name: String,
}
+/// Remediation specifies what the controller should do when reconciliation fails. The default is to not perform any action.
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TerraformRemediation {
+ /// Retries is the number of retries that should be attempted on failures before bailing. Defaults to '0', a negative integer denotes unlimited retries.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub retries: Option,
+}
+
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct TerraformRunnerPodTemplate {
#[serde(default, skip_serializing_if = "Option::is_none")]
@@ -3018,6 +3029,9 @@ pub struct TerraformStatus {
pub observed_generation: Option,
#[serde(default, skip_serializing_if = "Option::is_none")]
pub plan: Option,
+ /// ReconciliationFailures is the number of reconciliation failures since the last success or update.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconciliationFailures")]
+ pub reconciliation_failures: Option,
}
/// Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example,
diff --git a/kube-custom-resources-rs/src/k8s_otterize_com/v1alpha2/clientintents.rs b/kube-custom-resources-rs/src/k8s_otterize_com/v1alpha2/clientintents.rs
index 7a006b7c9..f50cd264f 100644
--- a/kube-custom-resources-rs/src/k8s_otterize_com/v1alpha2/clientintents.rs
+++ b/kube-custom-resources-rs/src/k8s_otterize_com/v1alpha2/clientintents.rs
@@ -31,6 +31,8 @@ pub struct ClientIntentsCalls {
#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct ClientIntentsCallsDatabaseResources {
+ #[serde(rename = "databaseName")]
+ pub database_name: String,
pub operations: Vec,
pub table: String,
}
@@ -65,5 +67,8 @@ pub struct ClientIntentsService {
/// IntentsStatus defines the observed state of ClientIntents
#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct ClientIntentsStatus {
+ /// upToDate field reflects whether the client intents have successfully been applied to the cluster to the state specified
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "upToDate")]
+ pub up_to_date: Option,
}
diff --git a/kube-custom-resources-rs/src/k8s_otterize_com/v1alpha3/clientintents.rs b/kube-custom-resources-rs/src/k8s_otterize_com/v1alpha3/clientintents.rs
index 4896d259d..04f98c598 100644
--- a/kube-custom-resources-rs/src/k8s_otterize_com/v1alpha3/clientintents.rs
+++ b/kube-custom-resources-rs/src/k8s_otterize_com/v1alpha3/clientintents.rs
@@ -39,6 +39,8 @@ pub struct ClientIntentsCallsHttpResources {
#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct ClientIntentsCallsDatabaseResources {
+ #[serde(rename = "databaseName")]
+ pub database_name: String,
pub operations: Vec,
pub table: String,
}
diff --git a/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/workloads.rs b/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/workloads.rs
index 333b9ff07..c153a1cb6 100644
--- a/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/workloads.rs
+++ b/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/workloads.rs
@@ -14,6 +14,11 @@ use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString;
#[kube(status = "WorkloadStatus")]
#[kube(schema = "disabled")]
pub struct WorkloadSpec {
+ /// Active determines if a workload can be admitted into a queue. Changing active from true to false will evict any running workloads. Possible values are:
+ /// - false: indicates that a workload should never be admitted and evicts running workloads - true: indicates that a workload can be evaluated for admission into it's respective queue.
+ /// Defaults to true
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub active: Option,
/// podSets is a list of sets of homogeneous pods, each described by a Pod spec and a count. There must be at least one element and at most 8. podSets cannot be changed.
#[serde(rename = "podSets")]
pub pod_sets: Vec,
diff --git a/kube-custom-resources-rs/src/lib.rs b/kube-custom-resources-rs/src/lib.rs
index f696715a7..e5d5dacda 100644
--- a/kube-custom-resources-rs/src/lib.rs
+++ b/kube-custom-resources-rs/src/lib.rs
@@ -1924,6 +1924,11 @@ Every group has its own feature in this crate. The available features are as fol
- `Provider`
- `Receiver`
+- apiVersion: `notification.toolkit.fluxcd.io/v1beta3`
+- kinds:
+ - `Alert`
+ - `Provider`
+
## opensearchservice_services_k8s_aws
- apiVersion: `opensearchservice.services.k8s.aws/v1alpha1`
diff --git a/kube-custom-resources-rs/src/limitador_kuadrant_io/v1alpha1/limitadors.rs b/kube-custom-resources-rs/src/limitador_kuadrant_io/v1alpha1/limitadors.rs
index 096391879..88ac57d0e 100644
--- a/kube-custom-resources-rs/src/limitador_kuadrant_io/v1alpha1/limitadors.rs
+++ b/kube-custom-resources-rs/src/limitador_kuadrant_io/v1alpha1/limitadors.rs
@@ -37,6 +37,9 @@ pub struct LimitadorSpec {
/// Telemetry defines the level of metrics Limitador will expose to the user
#[serde(default, skip_serializing_if = "Option::is_none")]
pub telemetry: Option,
+ /// Sets the level of verbosity
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub verbosity: Option,
#[serde(default, skip_serializing_if = "Option::is_none")]
pub version: Option,
}
diff --git a/kube-custom-resources-rs/src/loki_grafana_com/v1/lokistacks.rs b/kube-custom-resources-rs/src/loki_grafana_com/v1/lokistacks.rs
index f2dd901b5..91fafd899 100644
--- a/kube-custom-resources-rs/src/loki_grafana_com/v1/lokistacks.rs
+++ b/kube-custom-resources-rs/src/loki_grafana_com/v1/lokistacks.rs
@@ -242,6 +242,9 @@ pub struct LokiStackLimitsTenantsIngestion {
/// QueryLimits defines the limit applied on querying log streams.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct LokiStackLimitsTenantsQueries {
+ /// Blocked defines the list of rules to block matching queries.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub blocked: Option>,
/// CardinalityLimit defines the cardinality limit for index queries.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "cardinalityLimit")]
pub cardinality_limit: Option,
@@ -259,6 +262,23 @@ pub struct LokiStackLimitsTenantsQueries {
pub query_timeout: Option,
}
+/// BlockedQuerySpec defines the rule spec for queries to be blocked.
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct LokiStackLimitsTenantsQueriesBlocked {
+ /// Hash is a 32-bit FNV-1 hash of the query string.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub hash: Option,
+ /// Pattern defines the pattern matching the queries to be blocked.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub pattern: Option,
+ /// Regex defines if the pattern is a regular expression. If false the pattern will be used only for exact matches.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub regex: Option,
+ /// Types defines the list of query types that should be considered for blocking.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub types: Option>,
+}
+
/// Retention defines how long logs are kept in storage.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct LokiStackLimitsTenantsRetention {
diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/nodes.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/nodes.rs
index 95b98cdd6..503b02d58 100644
--- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/nodes.rs
+++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/nodes.rs
@@ -54,6 +54,8 @@ pub enum NodeDisksDiskType {
/// NodeStatus defines the observed state of the Longhorn node
#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct NodeStatus {
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoEvicting")]
+ pub auto_evicting: Option,
#[serde(default, skip_serializing_if = "Option::is_none")]
pub conditions: Option>,
#[serde(default, skip_serializing_if = "Option::is_none", rename = "diskStatus")]
diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/replicas.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/replicas.rs
index 51db74271..937c85f4e 100644
--- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/replicas.rs
+++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/replicas.rs
@@ -31,6 +31,8 @@ pub struct ReplicaSpec {
pub engine_image: Option,
#[serde(default, skip_serializing_if = "Option::is_none", rename = "engineName")]
pub engine_name: Option,
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionRequested")]
+ pub eviction_requested: Option,
#[serde(default, skip_serializing_if = "Option::is_none", rename = "failedAt")]
pub failed_at: Option,
#[serde(default, skip_serializing_if = "Option::is_none", rename = "hardNodeAffinity")]
@@ -75,6 +77,7 @@ pub struct ReplicaStatus {
pub current_image: Option,
#[serde(default, skip_serializing_if = "Option::is_none", rename = "currentState")]
pub current_state: Option,
+ /// Deprecated: Replaced by field `spec.evictionRequested`.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionRequested")]
pub eviction_requested: Option,
#[serde(default, skip_serializing_if = "Option::is_none", rename = "instanceManagerName")]
diff --git a/kube-custom-resources-rs/src/machineconfiguration_openshift_io/v1/kubeletconfigs.rs b/kube-custom-resources-rs/src/machineconfiguration_openshift_io/v1/kubeletconfigs.rs
index 5f8c044d6..3aaf723fa 100644
--- a/kube-custom-resources-rs/src/machineconfiguration_openshift_io/v1/kubeletconfigs.rs
+++ b/kube-custom-resources-rs/src/machineconfiguration_openshift_io/v1/kubeletconfigs.rs
@@ -22,7 +22,7 @@ pub struct KubeletConfigSpec {
/// MachineConfigPoolSelector selects which pools the KubeletConfig shoud apply to. A nil selector will result in no pools being selected.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "machineConfigPoolSelector")]
pub machine_config_pool_selector: Option,
- /// If unset, the default is based on the apiservers.config.openshift.io/cluster resource. Note that only Old and Intermediate profiles are currently supported, and the maximum available MinTLSVersions is VersionTLS12.
+ /// If unset, the default is based on the apiservers.config.openshift.io/cluster resource. Note that only Old and Intermediate profiles are currently supported, and the maximum available minTLSVersion is VersionTLS12.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsSecurityProfile")]
pub tls_security_profile: Option,
}
@@ -50,30 +50,30 @@ pub struct KubeletConfigMachineConfigPoolSelectorMatchExpressions {
pub values: Option>,
}
-/// If unset, the default is based on the apiservers.config.openshift.io/cluster resource. Note that only Old and Intermediate profiles are currently supported, and the maximum available MinTLSVersions is VersionTLS12.
+/// If unset, the default is based on the apiservers.config.openshift.io/cluster resource. Note that only Old and Intermediate profiles are currently supported, and the maximum available minTLSVersion is VersionTLS12.
#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct KubeletConfigTlsSecurityProfile {
/// custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this:
- /// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1
+ /// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: VersionTLS11
#[serde(default, skip_serializing_if = "Option::is_none")]
pub custom: Option,
/// intermediate is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29
/// and looks like this (yaml):
- /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2
+ /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: VersionTLS12
#[serde(default, skip_serializing_if = "Option::is_none")]
pub intermediate: Option,
/// modern is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
/// and looks like this (yaml):
- /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3
+ /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: VersionTLS13
/// NOTE: Currently unsupported.
#[serde(default, skip_serializing_if = "Option::is_none")]
pub modern: Option,
/// old is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility
/// and looks like this (yaml):
- /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0
+ /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: VersionTLS10
#[serde(default, skip_serializing_if = "Option::is_none")]
pub old: Option,
/// type is one of Old, Intermediate, Modern or Custom. Custom provides the ability to specify individual TLS security profile parameters. Old, Intermediate and Modern are TLS security profiles based on:
@@ -85,7 +85,7 @@ pub struct KubeletConfigTlsSecurityProfile {
}
/// custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this:
-/// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1
+/// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: VersionTLS11
#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct KubeletConfigTlsSecurityProfileCustom {
/// ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries their operands do not support. For example, to use DES-CBC3-SHA (yaml):
@@ -93,14 +93,14 @@ pub struct KubeletConfigTlsSecurityProfileCustom {
#[serde(default, skip_serializing_if = "Option::is_none")]
pub ciphers: Option>,
/// minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml):
- /// minTLSVersion: TLSv1.1
+ /// minTLSVersion: VersionTLS11
/// NOTE: currently the highest minTLSVersion allowed is VersionTLS12
#[serde(default, skip_serializing_if = "Option::is_none", rename = "minTLSVersion")]
pub min_tls_version: Option,
}
/// custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this:
-/// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1
+/// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: VersionTLS11
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub enum KubeletConfigTlsSecurityProfileCustomMinTlsVersion {
#[serde(rename = "VersionTLS10")]
@@ -116,7 +116,7 @@ pub enum KubeletConfigTlsSecurityProfileCustomMinTlsVersion {
/// intermediate is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29
/// and looks like this (yaml):
-/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2
+/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: VersionTLS12
#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct KubeletConfigTlsSecurityProfileIntermediate {
}
@@ -124,7 +124,7 @@ pub struct KubeletConfigTlsSecurityProfileIntermediate {
/// modern is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
/// and looks like this (yaml):
-/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3
+/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: VersionTLS13
/// NOTE: Currently unsupported.
#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct KubeletConfigTlsSecurityProfileModern {
@@ -133,12 +133,12 @@ pub struct KubeletConfigTlsSecurityProfileModern {
/// old is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility
/// and looks like this (yaml):
-/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0
+/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: VersionTLS10
#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct KubeletConfigTlsSecurityProfileOld {
}
-/// If unset, the default is based on the apiservers.config.openshift.io/cluster resource. Note that only Old and Intermediate profiles are currently supported, and the maximum available MinTLSVersions is VersionTLS12.
+/// If unset, the default is based on the apiservers.config.openshift.io/cluster resource. Note that only Old and Intermediate profiles are currently supported, and the maximum available minTLSVersion is VersionTLS12.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub enum KubeletConfigTlsSecurityProfileType {
Old,
diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/podmonitors.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/podmonitors.rs
index 71ae48ba5..c99f41329 100644
--- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/podmonitors.rs
+++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/podmonitors.rs
@@ -157,7 +157,7 @@ pub struct PodMonitorPodMetricsEndpoints {
/// TLS configuration to use when scraping the target.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")]
pub tls_config: Option,
- /// TrackTimestampsStaleness whether Prometheus tracks staleness of the metrics that have an explicit timestamps present in scraped data. Has no effect if `honorTimestamps` is false.
+ /// `trackTimestampsStaleness` defines whether Prometheus tracks staleness of the metrics that have an explicit timestamp present in scraped data. Has no effect if `honorTimestamps` is false.
/// It requires Prometheus >= v2.48.0.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "trackTimestampsStaleness")]
pub track_timestamps_staleness: Option,
diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheuses.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheuses.rs
index 17f700333..42ebcc6ed 100644
--- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheuses.rs
+++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheuses.rs
@@ -241,6 +241,9 @@ pub struct PrometheusSpec {
/// If the filename has an empty path, e.g. 'query.log', The Prometheus Pods will mount the file into an emptyDir volume at `/var/log/prometheus`. If a full path is provided, e.g. '/var/log/prometheus/query.log', you must mount a volume in the specified directory and it must be writable. This is because the prometheus container runs with a read-only root filesystem for security reasons. Alternatively, the location can be set to a standard I/O stream, e.g. `/dev/stdout`, to log query information to the default Prometheus log stream.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "queryLogFile")]
pub query_log_file: Option,
+ /// Defines the strategy used to reload the Prometheus configuration. If not specified, the configuration is reloaded using the /-/reload HTTP endpoint.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "reloadStrategy")]
+ pub reload_strategy: Option,
/// Defines the list of remote read configurations.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteRead")]
pub remote_read: Option>,
@@ -3136,6 +3139,14 @@ pub struct PrometheusQuery {
pub timeout: Option,
}
+/// Specification of the desired behavior of the Prometheus cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub enum PrometheusReloadStrategy {
+ #[serde(rename = "HTTP")]
+ Http,
+ ProcessSignal,
+}
+
/// RemoteReadSpec defines the configuration for Prometheus to read back samples from a remote endpoint.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct PrometheusRemoteRead {
diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/servicemonitors.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/servicemonitors.rs
index 2cbd16704..e89208868 100644
--- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/servicemonitors.rs
+++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/servicemonitors.rs
@@ -153,7 +153,7 @@ pub struct ServiceMonitorEndpoints {
/// TLS configuration to use when scraping the target.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")]
pub tls_config: Option,
- /// `trackTimestampsStaleness` defines whether Prometheus tracks staleness of the metrics that have an explicit timestamp present in scraped data.
+ /// `trackTimestampsStaleness` defines whether Prometheus tracks staleness of the metrics that have an explicit timestamp present in scraped data. Has no effect if `honorTimestamps` is false.
/// It requires Prometheus >= v2.48.0.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "trackTimestampsStaleness")]
pub track_timestamps_staleness: Option,
diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/alertmanagerconfigs.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/alertmanagerconfigs.rs
index 2946111d0..34e98eac9 100644
--- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/alertmanagerconfigs.rs
+++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/alertmanagerconfigs.rs
@@ -1786,6 +1786,9 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsServiceKey {
/// PushoverConfig configures notifications via Pushover. See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct AlertmanagerConfigReceiversPushoverConfigs {
+ /// The name of a device to send the notification to
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub device: Option,
/// How long your notification will continue to be retried for, unless the user acknowledges the notification.
#[serde(default, skip_serializing_if = "Option::is_none")]
pub expire: Option,
diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/prometheusagents.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/prometheusagents.rs
index 8a12f05ff..5d91a26c7 100644
--- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/prometheusagents.rs
+++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/prometheusagents.rs
@@ -195,6 +195,9 @@ pub struct PrometheusAgentSpec {
/// Default: "prometheus"
#[serde(default, skip_serializing_if = "Option::is_none", rename = "prometheusExternalLabelName")]
pub prometheus_external_label_name: Option,
+ /// Defines the strategy used to reload the Prometheus configuration. If not specified, the configuration is reloaded using the /-/reload HTTP endpoint.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "reloadStrategy")]
+ pub reload_strategy: Option,
/// Defines the list of remote write configurations.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteWrite")]
pub remote_write: Option>,
@@ -2705,6 +2708,14 @@ pub struct PrometheusAgentProbeSelectorMatchExpressions {
pub values: Option>,
}
+/// Specification of the desired behavior of the Prometheus agent. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub enum PrometheusAgentReloadStrategy {
+ #[serde(rename = "HTTP")]
+ Http,
+ ProcessSignal,
+}
+
/// RemoteWriteSpec defines the configuration to write samples from Prometheus to a remote endpoint.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct PrometheusAgentRemoteWrite {
diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1beta1/alertmanagerconfigs.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1beta1/alertmanagerconfigs.rs
index 79aa2e710..ed53bb846 100644
--- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1beta1/alertmanagerconfigs.rs
+++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1beta1/alertmanagerconfigs.rs
@@ -1688,6 +1688,9 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsServiceKey {
/// PushoverConfig configures notifications via Pushover. See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct AlertmanagerConfigReceiversPushoverConfigs {
+ /// The name of a device to send the notification to
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub device: Option,
/// How long your notification will continue to be retried for, unless the user acknowledges the notification.
#[serde(default, skip_serializing_if = "Option::is_none")]
pub expire: Option,
diff --git a/kube-custom-resources-rs/src/netchecks_io/v1/networkassertions.rs b/kube-custom-resources-rs/src/netchecks_io/v1/networkassertions.rs
index e1d66b5a7..6dcbf3056 100644
--- a/kube-custom-resources-rs/src/netchecks_io/v1/networkassertions.rs
+++ b/kube-custom-resources-rs/src/netchecks_io/v1/networkassertions.rs
@@ -2,7 +2,7 @@
// kopium command: kopium --docs --filename=./crd-catalog/hardbyte/netchecks/netchecks.io/v1/networkassertions.yaml --derive=Default --derive=PartialEq
// kopium version: 0.16.2
-
-
-
+use kube::CustomResource;
+use serde::{Serialize, Deserialize};
+use std::collections::BTreeMap;
diff --git a/kube-custom-resources-rs/src/network_openshift_io/v1/clusternetworks.rs b/kube-custom-resources-rs/src/network_openshift_io/v1/clusternetworks.rs
index a28f435aa..e365b205c 100644
--- a/kube-custom-resources-rs/src/network_openshift_io/v1/clusternetworks.rs
+++ b/kube-custom-resources-rs/src/network_openshift_io/v1/clusternetworks.rs
@@ -2,7 +2,7 @@
// kopium command: kopium --docs --filename=./crd-catalog/openshift/api/network.openshift.io/v1/clusternetworks.yaml --derive=Default --derive=PartialEq
// kopium version: 0.16.2
-
+use kube::CustomResource;
use serde::{Serialize, Deserialize};
/// ClusterNetworkEntry defines an individual cluster network. The CIDRs cannot overlap with other cluster network CIDRs, CIDRs reserved for external ips, CIDRs reserved for service networks, and CIDRs reserved for ingress ips.
diff --git a/kube-custom-resources-rs/src/network_openshift_io/v1/hostsubnets.rs b/kube-custom-resources-rs/src/network_openshift_io/v1/hostsubnets.rs
index 7cb14d256..9bfc68266 100644
--- a/kube-custom-resources-rs/src/network_openshift_io/v1/hostsubnets.rs
+++ b/kube-custom-resources-rs/src/network_openshift_io/v1/hostsubnets.rs
@@ -2,6 +2,6 @@
// kopium command: kopium --docs --filename=./crd-catalog/openshift/api/network.openshift.io/v1/hostsubnets.yaml --derive=Default --derive=PartialEq
// kopium version: 0.16.2
-
-
+use kube::CustomResource;
+use serde::{Serialize, Deserialize};
diff --git a/kube-custom-resources-rs/src/network_openshift_io/v1/netnamespaces.rs b/kube-custom-resources-rs/src/network_openshift_io/v1/netnamespaces.rs
index c50e2fabe..4b8d886c0 100644
--- a/kube-custom-resources-rs/src/network_openshift_io/v1/netnamespaces.rs
+++ b/kube-custom-resources-rs/src/network_openshift_io/v1/netnamespaces.rs
@@ -2,6 +2,6 @@
// kopium command: kopium --docs --filename=./crd-catalog/openshift/api/network.openshift.io/v1/netnamespaces.yaml --derive=Default --derive=PartialEq
// kopium version: 0.16.2
-
-
+use kube::CustomResource;
+use serde::{Serialize, Deserialize};
diff --git a/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/mod.rs b/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/mod.rs
index 700e97f78..8dce744b4 100644
--- a/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/mod.rs
+++ b/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/mod.rs
@@ -1,3 +1,4 @@
pub mod v1;
pub mod v1beta1;
pub mod v1beta2;
+pub mod v1beta3;
diff --git a/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/v1beta3/alerts.rs b/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/v1beta3/alerts.rs
new file mode 100644
index 000000000..771840275
--- /dev/null
+++ b/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/v1beta3/alerts.rs
@@ -0,0 +1,90 @@
+// WARNING: generated by kopium - manual changes will be overwritten
+// kopium command: kopium --docs --filename=./crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta3/alerts.yaml --derive=Default --derive=PartialEq
+// kopium version: 0.16.2
+
+use kube::CustomResource;
+use serde::{Serialize, Deserialize};
+use std::collections::BTreeMap;
+
+/// AlertSpec defines an alerting rule for events involving a list of objects.
+#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+#[kube(group = "notification.toolkit.fluxcd.io", version = "v1beta3", kind = "Alert", plural = "alerts")]
+#[kube(namespaced)]
+#[kube(schema = "disabled")]
+pub struct AlertSpec {
+ /// EventMetadata is an optional field for adding metadata to events dispatched by the controller. This can be used for enhancing the context of the event. If a field would override one already present on the original event as generated by the emitter, then the override doesn't happen, i.e. the original value is preserved, and an info log is printed.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "eventMetadata")]
+ pub event_metadata: Option>,
+ /// EventSeverity specifies how to filter events based on severity. If set to 'info' no events will be filtered.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "eventSeverity")]
+ pub event_severity: Option,
+ /// EventSources specifies how to filter events based on the involved object kind, name and namespace.
+ #[serde(rename = "eventSources")]
+ pub event_sources: Vec,
+ /// ExclusionList specifies a list of Golang regular expressions to be used for excluding messages.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "exclusionList")]
+ pub exclusion_list: Option>,
+ /// InclusionList specifies a list of Golang regular expressions to be used for including messages.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "inclusionList")]
+ pub inclusion_list: Option>,
+ /// ProviderRef specifies which Provider this Alert should use.
+ #[serde(rename = "providerRef")]
+ pub provider_ref: AlertProviderRef,
+ /// Summary holds a short description of the impact and affected cluster.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub summary: Option,
+ /// Suspend tells the controller to suspend subsequent events handling for this Alert.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub suspend: Option,
+}
+
+/// AlertSpec defines an alerting rule for events involving a list of objects.
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub enum AlertEventSeverity {
+ #[serde(rename = "info")]
+ Info,
+ #[serde(rename = "error")]
+ Error,
+}
+
+/// CrossNamespaceObjectReference contains enough information to let you locate the typed referenced object at cluster level
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct AlertEventSources {
+ /// API version of the referent
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")]
+ pub api_version: Option,
+ /// Kind of the referent
+ pub kind: AlertEventSourcesKind,
+ /// MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. MatchLabels requires the name to be set to `*`.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")]
+ pub match_labels: Option>,
+ /// Name of the referent If multiple resources are targeted `*` may be set.
+ pub name: String,
+ /// Namespace of the referent
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub namespace: Option,
+}
+
+/// CrossNamespaceObjectReference contains enough information to let you locate the typed referenced object at cluster level
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub enum AlertEventSourcesKind {
+ Bucket,
+ GitRepository,
+ Kustomization,
+ HelmRelease,
+ HelmChart,
+ HelmRepository,
+ ImageRepository,
+ ImagePolicy,
+ ImageUpdateAutomation,
+ #[serde(rename = "OCIRepository")]
+ OciRepository,
+}
+
+/// ProviderRef specifies which Provider this Alert should use.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct AlertProviderRef {
+ /// Name of the referent.
+ pub name: String,
+}
+
diff --git a/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/v1beta3/mod.rs b/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/v1beta3/mod.rs
new file mode 100644
index 000000000..368a78aa5
--- /dev/null
+++ b/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/v1beta3/mod.rs
@@ -0,0 +1,2 @@
+pub mod alerts;
+pub mod providers;
diff --git a/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/v1beta3/providers.rs b/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/v1beta3/providers.rs
new file mode 100644
index 000000000..fee912edd
--- /dev/null
+++ b/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/v1beta3/providers.rs
@@ -0,0 +1,115 @@
+// WARNING: generated by kopium - manual changes will be overwritten
+// kopium command: kopium --docs --filename=./crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta3/providers.yaml --derive=Default --derive=PartialEq
+// kopium version: 0.16.2
+
+use kube::CustomResource;
+use serde::{Serialize, Deserialize};
+
+/// ProviderSpec defines the desired state of the Provider.
+#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+#[kube(group = "notification.toolkit.fluxcd.io", version = "v1beta3", kind = "Provider", plural = "providers")]
+#[kube(namespaced)]
+#[kube(schema = "disabled")]
+pub struct ProviderSpec {
+ /// Address specifies the endpoint, in a generic sense, to where alerts are sent. What kind of endpoint depends on the specific Provider type being used. For the generic Provider, for example, this is an HTTP/S address. For other Provider types this could be a project ID or a namespace.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub address: Option,
+ /// CertSecretRef specifies the Secret containing a PEM-encoded CA certificate (in the `ca.crt` key).
+ /// Note: Support for the `caFile` key has been deprecated.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "certSecretRef")]
+ pub cert_secret_ref: Option,
+ /// Channel specifies the destination channel where events should be posted.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub channel: Option,
+ /// Proxy the HTTP/S address of the proxy server.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub proxy: Option,
+ /// SecretRef specifies the Secret containing the authentication credentials for this Provider.
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")]
+ pub secret_ref: Option,
+ /// Suspend tells the controller to suspend subsequent events handling for this Provider.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub suspend: Option,
+ /// Timeout for sending alerts to the Provider.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub timeout: Option,
+ /// Type specifies which Provider implementation to use.
+ #[serde(rename = "type")]
+ pub r#type: ProviderType,
+ /// Username specifies the name under which events are posted.
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub username: Option,
+}
+
+/// CertSecretRef specifies the Secret containing a PEM-encoded CA certificate (in the `ca.crt` key).
+/// Note: Support for the `caFile` key has been deprecated.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ProviderCertSecretRef {
+ /// Name of the referent.
+ pub name: String,
+}
+
+/// SecretRef specifies the Secret containing the authentication credentials for this Provider.
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct ProviderSecretRef {
+ /// Name of the referent.
+ pub name: String,
+}
+
+/// ProviderSpec defines the desired state of the Provider.
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub enum ProviderType {
+ #[serde(rename = "slack")]
+ Slack,
+ #[serde(rename = "discord")]
+ Discord,
+ #[serde(rename = "msteams")]
+ Msteams,
+ #[serde(rename = "rocket")]
+ Rocket,
+ #[serde(rename = "generic")]
+ Generic,
+ #[serde(rename = "generic-hmac")]
+ GenericHmac,
+ #[serde(rename = "github")]
+ Github,
+ #[serde(rename = "gitlab")]
+ Gitlab,
+ #[serde(rename = "gitea")]
+ Gitea,
+ #[serde(rename = "bitbucketserver")]
+ Bitbucketserver,
+ #[serde(rename = "bitbucket")]
+ Bitbucket,
+ #[serde(rename = "azuredevops")]
+ Azuredevops,
+ #[serde(rename = "googlechat")]
+ Googlechat,
+ #[serde(rename = "googlepubsub")]
+ Googlepubsub,
+ #[serde(rename = "webex")]
+ Webex,
+ #[serde(rename = "sentry")]
+ Sentry,
+ #[serde(rename = "azureeventhub")]
+ Azureeventhub,
+ #[serde(rename = "telegram")]
+ Telegram,
+ #[serde(rename = "lark")]
+ Lark,
+ #[serde(rename = "matrix")]
+ Matrix,
+ #[serde(rename = "opsgenie")]
+ Opsgenie,
+ #[serde(rename = "alertmanager")]
+ Alertmanager,
+ #[serde(rename = "grafana")]
+ Grafana,
+ #[serde(rename = "githubdispatch")]
+ Githubdispatch,
+ #[serde(rename = "pagerduty")]
+ Pagerduty,
+ #[serde(rename = "datadog")]
+ Datadog,
+}
+
diff --git a/kube-custom-resources-rs/src/operator_openshift_io/v1/ingresscontrollers.rs b/kube-custom-resources-rs/src/operator_openshift_io/v1/ingresscontrollers.rs
index c9e7df549..026e7b897 100644
--- a/kube-custom-resources-rs/src/operator_openshift_io/v1/ingresscontrollers.rs
+++ b/kube-custom-resources-rs/src/operator_openshift_io/v1/ingresscontrollers.rs
@@ -939,26 +939,26 @@ pub struct IngressControllerRouteSelectorMatchExpressions {
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct IngressControllerTlsSecurityProfile {
/// custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this:
- /// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1
+ /// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: VersionTLS11
#[serde(default, skip_serializing_if = "Option::is_none")]
pub custom: Option,
/// intermediate is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29
/// and looks like this (yaml):
- /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2
+ /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: VersionTLS12
#[serde(default, skip_serializing_if = "Option::is_none")]
pub intermediate: Option,
/// modern is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
/// and looks like this (yaml):
- /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3
+ /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: VersionTLS13
/// NOTE: Currently unsupported.
#[serde(default, skip_serializing_if = "Option::is_none")]
pub modern: Option,
/// old is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility
/// and looks like this (yaml):
- /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0
+ /// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: VersionTLS10
#[serde(default, skip_serializing_if = "Option::is_none")]
pub old: Option,
/// type is one of Old, Intermediate, Modern or Custom. Custom provides the ability to specify individual TLS security profile parameters. Old, Intermediate and Modern are TLS security profiles based on:
@@ -970,7 +970,7 @@ pub struct IngressControllerTlsSecurityProfile {
}
/// custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this:
-/// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1
+/// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: VersionTLS11
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct IngressControllerTlsSecurityProfileCustom {
/// ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries their operands do not support. For example, to use DES-CBC3-SHA (yaml):
@@ -978,14 +978,14 @@ pub struct IngressControllerTlsSecurityProfileCustom {
#[serde(default, skip_serializing_if = "Option::is_none")]
pub ciphers: Option>,
/// minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml):
- /// minTLSVersion: TLSv1.1
+ /// minTLSVersion: VersionTLS11
/// NOTE: currently the highest minTLSVersion allowed is VersionTLS12
#[serde(default, skip_serializing_if = "Option::is_none", rename = "minTLSVersion")]
pub min_tls_version: Option,
}
/// custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this:
-/// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1
+/// ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: VersionTLS11
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub enum IngressControllerTlsSecurityProfileCustomMinTlsVersion {
#[serde(rename = "VersionTLS10")]
@@ -1001,7 +1001,7 @@ pub enum IngressControllerTlsSecurityProfileCustomMinTlsVersion {
/// intermediate is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29
/// and looks like this (yaml):
-/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2
+/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: VersionTLS12
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct IngressControllerTlsSecurityProfileIntermediate {
}
@@ -1009,7 +1009,7 @@ pub struct IngressControllerTlsSecurityProfileIntermediate {
/// modern is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
/// and looks like this (yaml):
-/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3
+/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: VersionTLS13
/// NOTE: Currently unsupported.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct IngressControllerTlsSecurityProfileModern {
@@ -1018,7 +1018,7 @@ pub struct IngressControllerTlsSecurityProfileModern {
/// old is a TLS security profile based on:
/// https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility
/// and looks like this (yaml):
-/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0
+/// ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: VersionTLS10
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct IngressControllerTlsSecurityProfileOld {
}
@@ -1486,7 +1486,7 @@ pub struct IngressControllerStatusTlsProfile {
#[serde(default, skip_serializing_if = "Option::is_none")]
pub ciphers: Option>,
/// minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml):
- /// minTLSVersion: TLSv1.1
+ /// minTLSVersion: VersionTLS11
/// NOTE: currently the highest minTLSVersion allowed is VersionTLS12
#[serde(default, skip_serializing_if = "Option::is_none", rename = "minTLSVersion")]
pub min_tls_version: Option,
diff --git a/kube-custom-resources-rs/src/security_internal_openshift_io/v1/rangeallocations.rs b/kube-custom-resources-rs/src/security_internal_openshift_io/v1/rangeallocations.rs
index 84345ec86..44568d4ca 100644
--- a/kube-custom-resources-rs/src/security_internal_openshift_io/v1/rangeallocations.rs
+++ b/kube-custom-resources-rs/src/security_internal_openshift_io/v1/rangeallocations.rs
@@ -2,6 +2,6 @@
// kopium command: kopium --docs --filename=./crd-catalog/openshift/api/security.internal.openshift.io/v1/rangeallocations.yaml --derive=Default --derive=PartialEq
// kopium version: 0.16.2
-
-
+use kube::CustomResource;
+use serde::{Serialize, Deserialize};
diff --git a/kube-custom-resources-rs/src/security_openshift_io/v1/securitycontextconstraints.rs b/kube-custom-resources-rs/src/security_openshift_io/v1/securitycontextconstraints.rs
index 8475471b2..64d906b19 100644
--- a/kube-custom-resources-rs/src/security_openshift_io/v1/securitycontextconstraints.rs
+++ b/kube-custom-resources-rs/src/security_openshift_io/v1/securitycontextconstraints.rs
@@ -2,7 +2,7 @@
// kopium command: kopium --docs --filename=./crd-catalog/openshift/api/security.openshift.io/v1/securitycontextconstraints.yaml --derive=Default --derive=PartialEq
// kopium version: 0.16.2
-
+use kube::CustomResource;
use serde::{Serialize, Deserialize};
/// AllowedFlexVolume represents a single Flexvolume that is allowed to be used.
diff --git a/kube-custom-resources-rs/src/slo_koordinator_sh/v1alpha1/nodemetrics.rs b/kube-custom-resources-rs/src/slo_koordinator_sh/v1alpha1/nodemetrics.rs
index 13d55beb7..d70fe6e07 100644
--- a/kube-custom-resources-rs/src/slo_koordinator_sh/v1alpha1/nodemetrics.rs
+++ b/kube-custom-resources-rs/src/slo_koordinator_sh/v1alpha1/nodemetrics.rs
@@ -511,6 +511,12 @@ pub struct NodeMetricStatusPodsMetric {
pub namespace: Option,
#[serde(default, skip_serializing_if = "Option::is_none", rename = "podUsage")]
pub pod_usage: Option,
+ /// Priority class of the application
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub priority: Option,
+ /// QoS class of the application
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub qos: Option,
}
#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
diff --git a/kube-custom-resources-rs/src/tests_testkube_io/v1/testexecutions.rs b/kube-custom-resources-rs/src/tests_testkube_io/v1/testexecutions.rs
index b111d8728..fb48e9258 100644
--- a/kube-custom-resources-rs/src/tests_testkube_io/v1/testexecutions.rs
+++ b/kube-custom-resources-rs/src/tests_testkube_io/v1/testexecutions.rs
@@ -100,6 +100,9 @@ pub struct TestExecutionExecutionRequest {
/// Execution variables passed to executor from secrets. Deprecated: use Secret Variables instead
#[serde(default, skip_serializing_if = "Option::is_none", rename = "secretEnvs")]
pub secret_envs: Option>,
+ /// pod request body
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "slavePodRequest")]
+ pub slave_pod_request: Option,
/// whether to start execution sync or async
#[serde(default, skip_serializing_if = "Option::is_none")]
pub sync: Option,
@@ -234,6 +237,53 @@ pub enum TestExecutionExecutionRequestRunningContextType {
Testsuiteexecution,
}
+/// pod request body
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TestExecutionExecutionRequestSlavePodRequest {
+ /// pod template extensions
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "podTemplate")]
+ pub pod_template: Option,
+ /// name of the template resource
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "podTemplateReference")]
+ pub pod_template_reference: Option,
+ /// pod resources request specification
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub resources: Option,
+}
+
+/// pod resources request specification
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TestExecutionExecutionRequestSlavePodRequestResources {
+ /// resource request specification
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub limits: Option,
+ /// resource request specification
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub requests: Option,
+}
+
+/// resource request specification
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TestExecutionExecutionRequestSlavePodRequestResourcesLimits {
+ /// requested cpu units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub cpu: Option,
+ /// requested memory units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub memory: Option,
+}
+
+/// resource request specification
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TestExecutionExecutionRequestSlavePodRequestResourcesRequests {
+ /// requested cpu units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub cpu: Option,
+ /// requested memory units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub memory: Option,
+}
+
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct TestExecutionExecutionRequestVariables {
/// variable name
@@ -403,6 +453,9 @@ pub struct TestExecutionStatusLatestExecution {
/// running context for test or test suite execution
#[serde(default, skip_serializing_if = "Option::is_none", rename = "runningContext")]
pub running_context: Option,
+ /// pod request body
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "slavePodRequest")]
+ pub slave_pod_request: Option,
/// test start time
#[serde(default, skip_serializing_if = "Option::is_none", rename = "startTime")]
pub start_time: Option,
@@ -654,6 +707,53 @@ pub enum TestExecutionStatusLatestExecutionRunningContextType {
Testsuiteexecution,
}
+/// pod request body
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TestExecutionStatusLatestExecutionSlavePodRequest {
+ /// pod template extensions
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "podTemplate")]
+ pub pod_template: Option,
+ /// name of the template resource
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "podTemplateReference")]
+ pub pod_template_reference: Option,
+ /// pod resources request specification
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub resources: Option,
+}
+
+/// pod resources request specification
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TestExecutionStatusLatestExecutionSlavePodRequestResources {
+ /// resource request specification
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub limits: Option,
+ /// resource request specification
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub requests: Option,
+}
+
+/// resource request specification
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TestExecutionStatusLatestExecutionSlavePodRequestResourcesLimits {
+ /// requested cpu units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub cpu: Option,
+ /// requested memory units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub memory: Option,
+}
+
+/// resource request specification
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TestExecutionStatusLatestExecutionSlavePodRequestResourcesRequests {
+ /// requested cpu units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub cpu: Option,
+ /// requested memory units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub memory: Option,
+}
+
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct TestExecutionStatusLatestExecutionVariables {
/// variable name
diff --git a/kube-custom-resources-rs/src/tests_testkube_io/v1/testsuiteexecutions.rs b/kube-custom-resources-rs/src/tests_testkube_io/v1/testsuiteexecutions.rs
index 173c582f2..5565dd051 100644
--- a/kube-custom-resources-rs/src/tests_testkube_io/v1/testsuiteexecutions.rs
+++ b/kube-custom-resources-rs/src/tests_testkube_io/v1/testsuiteexecutions.rs
@@ -367,6 +367,9 @@ pub struct TestSuiteExecutionStatusLatestExecutionExecuteStepResultsExecuteExecu
/// running context for test or test suite execution
#[serde(default, skip_serializing_if = "Option::is_none", rename = "runningContext")]
pub running_context: Option,
+ /// pod request body
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "slavePodRequest")]
+ pub slave_pod_request: Option,
/// test start time
#[serde(default, skip_serializing_if = "Option::is_none", rename = "startTime")]
pub start_time: Option,
@@ -621,6 +624,53 @@ pub enum TestSuiteExecutionStatusLatestExecutionExecuteStepResultsExecuteExecuti
Testsuiteexecution,
}
+/// pod request body
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TestSuiteExecutionStatusLatestExecutionExecuteStepResultsExecuteExecutionSlavePodRequest {
+ /// pod template extensions
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "podTemplate")]
+ pub pod_template: Option,
+ /// name of the template resource
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "podTemplateReference")]
+ pub pod_template_reference: Option,
+ /// pod resources request specification
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub resources: Option,
+}
+
+/// pod resources request specification
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TestSuiteExecutionStatusLatestExecutionExecuteStepResultsExecuteExecutionSlavePodRequestResources {
+ /// resource request specification
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub limits: Option,
+ /// resource request specification
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub requests: Option,
+}
+
+/// resource request specification
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TestSuiteExecutionStatusLatestExecutionExecuteStepResultsExecuteExecutionSlavePodRequestResourcesLimits {
+ /// requested cpu units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub cpu: Option,
+ /// requested memory units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub memory: Option,
+}
+
+/// resource request specification
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TestSuiteExecutionStatusLatestExecutionExecuteStepResultsExecuteExecutionSlavePodRequestResourcesRequests {
+ /// requested cpu units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub cpu: Option,
+ /// requested memory units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub memory: Option,
+}
+
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct TestSuiteExecutionStatusLatestExecutionExecuteStepResultsExecuteExecutionVariables {
/// variable name
@@ -869,6 +919,9 @@ pub struct TestSuiteExecutionStatusLatestExecutionStepResultsExecution {
/// running context for test or test suite execution
#[serde(default, skip_serializing_if = "Option::is_none", rename = "runningContext")]
pub running_context: Option,
+ /// pod request body
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "slavePodRequest")]
+ pub slave_pod_request: Option,
/// test start time
#[serde(default, skip_serializing_if = "Option::is_none", rename = "startTime")]
pub start_time: Option,
@@ -1123,6 +1176,53 @@ pub enum TestSuiteExecutionStatusLatestExecutionStepResultsExecutionRunningConte
Testsuiteexecution,
}
+/// pod request body
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TestSuiteExecutionStatusLatestExecutionStepResultsExecutionSlavePodRequest {
+ /// pod template extensions
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "podTemplate")]
+ pub pod_template: Option,
+ /// name of the template resource
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "podTemplateReference")]
+ pub pod_template_reference: Option,
+ /// pod resources request specification
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub resources: Option,
+}
+
+/// pod resources request specification
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TestSuiteExecutionStatusLatestExecutionStepResultsExecutionSlavePodRequestResources {
+ /// resource request specification
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub limits: Option,
+ /// resource request specification
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub requests: Option,
+}
+
+/// resource request specification
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TestSuiteExecutionStatusLatestExecutionStepResultsExecutionSlavePodRequestResourcesLimits {
+ /// requested cpu units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub cpu: Option,
+ /// requested memory units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub memory: Option,
+}
+
+/// resource request specification
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
+pub struct TestSuiteExecutionStatusLatestExecutionStepResultsExecutionSlavePodRequestResourcesRequests {
+ /// requested cpu units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub cpu: Option,
+ /// requested memory units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub memory: Option,
+}
+
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct TestSuiteExecutionStatusLatestExecutionStepResultsExecutionVariables {
/// variable name
diff --git a/kube-custom-resources-rs/src/tests_testkube_io/v3/tests.rs b/kube-custom-resources-rs/src/tests_testkube_io/v3/tests.rs
index 334c1213b..f70856e0c 100644
--- a/kube-custom-resources-rs/src/tests_testkube_io/v3/tests.rs
+++ b/kube-custom-resources-rs/src/tests_testkube_io/v3/tests.rs
@@ -226,6 +226,9 @@ pub struct TestExecutionRequest {
/// Execution variables passed to executor from secrets. Deprecated: use Secret Variables instead
#[serde(default, skip_serializing_if = "Option::is_none", rename = "secretEnvs")]
pub secret_envs: Option>,
+ /// pod request body
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "slavePodRequest")]
+ pub slave_pod_request: Option,
/// whether to start execution sync or async
#[serde(default, skip_serializing_if = "Option::is_none")]
pub sync: Option,
@@ -330,6 +333,53 @@ pub struct TestExecutionRequestImagePullSecrets {
pub name: Option,
}
+/// pod request body
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct TestExecutionRequestSlavePodRequest {
+ /// pod template extensions
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "podTemplate")]
+ pub pod_template: Option,
+ /// name of the template resource
+ #[serde(default, skip_serializing_if = "Option::is_none", rename = "podTemplateReference")]
+ pub pod_template_reference: Option,
+ /// pod resources request specification
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub resources: Option,
+}
+
+/// pod resources request specification
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct TestExecutionRequestSlavePodRequestResources {
+ /// resource request specification
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub limits: Option,
+ /// resource request specification
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub requests: Option,
+}
+
+/// resource request specification
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct TestExecutionRequestSlavePodRequestResourcesLimits {
+ /// requested cpu units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub cpu: Option,
+ /// requested memory units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub memory: Option,
+}
+
+/// resource request specification
+#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
+pub struct TestExecutionRequestSlavePodRequestResourcesRequests {
+ /// requested cpu units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub cpu: Option,
+ /// requested memory units
+ #[serde(default, skip_serializing_if = "Option::is_none")]
+ pub memory: Option,
+}
+
#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct TestExecutionRequestVariables {
/// variable name