From 81713565b77fecce2dca3e5ceabc066bc0c7fd41 Mon Sep 17 00:00:00 2001 From: sebhoss Date: Fri, 5 Apr 2024 10:06:21 +0000 Subject: [PATCH 1/2] Update upstream specifications to their latest version --- .../apps.3scale.net/v1alpha1/apimanagers.yaml | 952 +++++- .../v1beta1/proxyconfigpromotes.yaml | 2 +- .../kuadrant.io/v1alpha1/dnsrecords.yaml | 58 + .../awx.ansible.com/v1beta1/awxs.yaml | 11 +- .../v1alpha1/clusterinfoimports.yaml | 6 +- .../v1alpha1/clustersets.yaml | 10 +- .../v1alpha1/gateways.yaml | 6 +- .../v1alpha1/labelidentities.yaml | 10 +- .../v1alpha1/memberclusterannounces.yaml | 6 +- .../v1alpha1/resourceexports.yaml | 597 ++-- .../v1alpha1/resourceimports.yaml | 573 ++-- .../v1alpha2/clusterclaims.yaml | 6 +- .../v1alpha2/clustersets.yaml | 12 +- .../v1alpha1/configconstraints.yaml | 20 +- .../v1beta1/configconstraints.yaml | 386 +++ .../argoproj.io/v1alpha1/applicationsets.yaml | 6 - .../v1alpha1/platformendpoints.yaml | 2 + .../karpenter.sh/v1beta1/nodeclaims.yaml | 10 +- .../karpenter.sh/v1beta1/nodepools.yaml | 10 +- .../v2/ciliumclusterwidenetworkpolicies.yaml | 16 +- .../cilium.io/v2/ciliumnetworkpolicies.yaml | 16 +- .../v1/compositeresourcedefinitions.yaml | 2 +- .../v1/compositionrevisions.yaml | 2 +- .../v1/compositions.yaml | 2 +- .../v1beta1/compositionrevisions.yaml | 2 +- .../v1/configurationrevisions.yaml | 2 +- .../pkg.crossplane.io/v1/configurations.yaml | 2 +- .../v1/providerrevisions.yaml | 2 +- .../pkg.crossplane.io/v1/providers.yaml | 2 +- .../v1alpha1/controllerconfigs.yaml | 2 +- .../v1alpha1/storeconfigs.yaml | 2 +- .../v1beta1/clusterexternalsecrets.yaml | 36 +- .../v2beta2/helmreleases.yaml | 1 + .../v1beta1/grafanas.yaml | 7 + .../v5/teleportroles.yaml | 16 - .../v6/teleportroles.yaml | 16 - .../hazelcast.com/v1alpha1/hazelcasts.yaml | 5 +- .../v1alpha1/wanreplications.yaml | 3 + .../telemetry.istio.io/v1/telemetries.yaml | 303 ++ .../v1alpha1/cronfederatedhpas.yaml | 8 +- .../v1alpha1/federatedhpas.yaml | 14 +- .../resourceinterpretercustomizations.yaml | 10 +- ...ourceinterpreterwebhookconfigurations.yaml | 10 +- .../v1alpha1/multiclusteringresses.yaml | 10 +- .../v1alpha1/multiclusterservices.yaml | 8 +- .../v1alpha1/clusteroverridepolicies.yaml | 11 +- .../v1alpha1/clusterpropagationpolicies.yaml | 12 +- .../v1alpha1/federatedresourcequotas.yaml | 8 +- .../v1alpha1/overridepolicies.yaml | 11 +- .../v1alpha1/propagationpolicies.yaml | 12 +- .../v1alpha1/clusterresourcebindings.yaml | 8 +- .../v1alpha1/resourcebindings.yaml | 8 +- .../work.karmada.io/v1alpha1/works.yaml | 8 +- .../v1alpha2/clusterresourcebindings.yaml | 13 +- .../v1alpha2/resourcebindings.yaml | 13 +- .../v1alpha1/clusteroutputs.yaml | 4 + .../v1alpha1/outputs.yaml | 4 + .../v1beta1/clusteroutputs.yaml | 4 + .../v1beta1/outputs.yaml | 4 + .../v1/httproutes.yaml | 4 +- .../v1alpha2/grpcroutes.yaml | 4 +- .../v1alpha2/tcproutes.yaml | 4 +- .../v1alpha2/tlsroutes.yaml | 4 +- .../v1alpha2/udproutes.yaml | 4 +- .../v1beta1/httproutes.yaml | 4 +- .../jobset.x-k8s.io/v1alpha2/jobsets.yaml | 3 + .../kueue.x-k8s.io/v1beta1/clusterqueues.yaml | 2 +- .../kueue.x-k8s.io/v1beta1/localqueues.yaml | 5 + .../kueue.x-k8s.io/v1beta1/workloads.yaml | 2 + .../v1beta2/backingimagemanagers.yaml | 3 + .../longhorn.io/v1beta2/backingimages.yaml | 8 + .../v1beta1/flowcollectors.yaml | 22 + .../v1beta2/flowcollectors.yaml | 24 +- .../v1alpha1/configs.yaml | 10 +- .../v1alpha1/expansiontemplate.yaml | 18 +- .../v1beta1/expansiontemplate.yaml | 18 +- .../mutations.gatekeeper.sh/v1/assign.yaml | 70 +- .../v1/assignmetadata.yaml | 64 +- .../mutations.gatekeeper.sh/v1/modifyset.yaml | 68 +- .../v1alpha1/assign.yaml | 70 +- .../v1alpha1/assignimage.yaml | 68 +- .../v1alpha1/assignmetadata.yaml | 64 +- .../v1alpha1/modifyset.yaml | 68 +- .../v1beta1/assign.yaml | 70 +- .../v1beta1/assignmetadata.yaml | 64 +- .../v1beta1/modifyset.yaml | 68 +- .../v1beta1/constraintpodstatuses.yaml | 8 +- .../constrainttemplatepodstatuses.yaml | 8 +- .../v1beta1/expansiontemplatepodstatuses.yaml | 8 +- .../v1beta1/mutatorpodstatuses.yaml | 10 +- .../v1alpha1/instrumentations.yaml | 281 ++ .../v1alpha1/opampbridges.yaml | 508 +++ .../v1alpha1/opentelemetrycollectors.yaml | 1328 +++++++- .../v2/perconapgclusters.yaml | 12 + .../v1/perconaservermongodbbackups.yaml | 3 + .../v1/perconaservermongodbrestores.yaml | 3 + .../v1/perconaservermongodbs.yaml | 9 + .../v1/prometheuses.yaml | 2 + .../v1alpha1/prometheusagents.yaml | 2 + .../v1alpha1/scrapeconfigs.yaml | 1548 +++++++-- .../kuberay/ray.io/v1/rayjobs.yaml | 3 + .../rook/ceph.rook.io/v1/cephblockpools.yaml | 21 + .../ceph.rook.io/v1/cephbuckettopics.yaml | 3 + .../rook/ceph.rook.io/v1/cephclients.yaml | 3 + .../v1/cephfilesystemmirrors.yaml | 3 + .../v1/cephfilesystemsubvolumegroups.yaml | 3 + .../ceph.rook.io/v1/cephobjectstores.yaml | 11 +- .../ceph.rook.io/v1/cephobjectstoreusers.yaml | 3 + .../ceph.rook.io/v1/cephobjectzonegroups.yaml | 3 + .../rook/ceph.rook.io/v1/cephobjectzones.yaml | 3 + .../rook/ceph.rook.io/v1/cephrbdmirrors.yaml | 3 + .../gloo/gateway.solo.io/v1/routeoptions.yaml | 12 + .../velero/velero.io/v1/restores.yaml | 2 - .../flow.volcano.sh/v1alpha1/jobflows.yaml | 15 - .../v1alpha1/jobtemplates.yaml | 1152 ------- .../scheduling.volcano.sh/v1beta1/queues.yaml | 3 + .../apps_3scale_net/v1alpha1/apimanagers.rs | 680 +++- .../src/apps_kubeblocks_io/mod.rs | 1 + .../v1alpha1/configconstraints.rs | 28 +- .../v1beta1/configconstraints.rs | 403 +++ .../src/apps_kubeblocks_io/v1beta1/mod.rs | 1 + .../src/awx_ansible_com/v1beta1/awxs.rs | 11 +- .../v1beta1/proxyconfigpromotes.rs | 2 +- .../src/ceph_rook_io/v1/cephobjectstores.rs | 2 +- .../v2/ciliumclusterwidenetworkpolicies.rs | 16 +- .../src/cilium_io/v2/ciliumnetworkpolicies.rs | 16 +- .../v1alpha1/expansiontemplate.rs | 24 +- .../v1beta1/expansiontemplate.rs | 24 +- .../v1beta1/clusterexternalsecrets.rs | 37 + .../src/flow_volcano_sh/v1alpha1/jobflows.rs | 12 - .../flow_volcano_sh/v1alpha1/jobtemplates.rs | 1403 -------- .../v1beta1/flowcollectors.rs | 25 + .../v1beta2/flowcollectors.rs | 27 +- .../v1/httproutes.rs | 6 - .../v1alpha2/grpcroutes.rs | 6 - .../v1alpha2/tcproutes.rs | 6 - .../v1alpha2/tlsroutes.rs | 6 - .../v1alpha2/udproutes.rs | 6 - .../v1beta1/httproutes.rs | 6 - .../src/hazelcast_com/v1alpha1/hazelcasts.rs | 4 +- .../hazelcast_com/v1alpha1/wanreplications.rs | 3 + .../v2beta2/helmreleases.rs | 2 + .../src/jobset_x_k8s_io/v1alpha2/jobsets.rs | 3 + .../src/karpenter_sh/v1beta1/nodeclaims.rs | 4 +- .../src/karpenter_sh/v1beta1/nodepools.rs | 4 +- .../src/kuadrant_io/v1alpha1/dnsrecords.rs | 24 + .../kueue_x_k8s_io/v1beta1/clusterqueues.rs | 2 +- kube-custom-resources-rs/src/lib.rs | 6 + .../v1alpha1/clusteroutputs.rs | 4 + .../v1alpha1/outputs.rs | 4 + .../v1beta1/clusteroutputs.rs | 4 + .../logging_banzaicloud_io/v1beta1/outputs.rs | 4 + .../v1beta2/backingimagemanagers.rs | 2 + .../src/longhorn_io/v1beta2/backingimages.rs | 3 + .../v1alpha1/scrapeconfigs.rs | 1714 ++++++++-- .../v1alpha1/clustersets.rs | 6 +- .../v1alpha1/labelidentities.rs | 4 +- .../v1alpha1/resourceexports.rs | 1575 +++++++-- .../v1alpha1/resourceimports.rs | 1395 ++++++-- .../v1alpha2/clustersets.rs | 9 +- .../src/mutations_gatekeeper_sh/v1/assign.rs | 145 +- .../v1/assignmetadata.rs | 103 +- .../mutations_gatekeeper_sh/v1/modifyset.rs | 139 +- .../v1alpha1/assign.rs | 145 +- .../v1alpha1/assignimage.rs | 142 +- .../v1alpha1/assignmetadata.rs | 103 +- .../v1alpha1/modifyset.rs | 139 +- .../mutations_gatekeeper_sh/v1beta1/assign.rs | 145 +- .../v1beta1/assignmetadata.rs | 103 +- .../v1beta1/modifyset.rs | 139 +- .../v1alpha1/instrumentations.rs | 521 +++ .../opentelemetry_io/v1alpha1/opampbridges.rs | 1108 +++++++ .../v1alpha1/opentelemetrycollectors.rs | 2877 +++++++++++++++++ .../pgv2_percona_com/v2/perconapgclusters.rs | 12 + .../v1/perconaservermongodbbackups.rs | 2 + .../v1/perconaservermongodbrestores.rs | 2 + .../scheduling_volcano_sh/v1beta1/queues.rs | 3 + .../v1alpha1/platformendpoints.rs | 8 + .../v1beta1/constraintpodstatuses.rs | 4 +- .../v1beta1/constrainttemplatepodstatuses.rs | 4 +- .../v1beta1/expansiontemplatepodstatuses.rs | 4 +- .../v1beta1/mutatorpodstatuses.rs | 7 +- .../src/telemetry_istio_io/mod.rs | 1 + .../src/telemetry_istio_io/v1/mod.rs | 1 + .../src/telemetry_istio_io/v1/telemetries.rs | 306 ++ 185 files changed, 17315 insertions(+), 5460 deletions(-) create mode 100644 crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1beta1/configconstraints.yaml create mode 100644 crd-catalog/istio/istio/telemetry.istio.io/v1/telemetries.yaml create mode 100644 kube-custom-resources-rs/src/apps_kubeblocks_io/v1beta1/configconstraints.rs create mode 100644 kube-custom-resources-rs/src/apps_kubeblocks_io/v1beta1/mod.rs create mode 100644 kube-custom-resources-rs/src/telemetry_istio_io/v1/mod.rs create mode 100644 kube-custom-resources-rs/src/telemetry_istio_io/v1/telemetries.rs diff --git a/crd-catalog/3scale/3scale-operator/apps.3scale.net/v1alpha1/apimanagers.yaml b/crd-catalog/3scale/3scale-operator/apps.3scale.net/v1alpha1/apimanagers.yaml index f8267201d..ed796f4e8 100644 --- a/crd-catalog/3scale/3scale-operator/apps.3scale.net/v1alpha1/apimanagers.yaml +++ b/crd-catalog/3scale/3scale-operator/apps.3scale.net/v1alpha1/apimanagers.yaml @@ -176,7 +176,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -206,6 +206,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -263,7 +275,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -293,6 +305,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -349,7 +373,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -379,6 +403,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -436,7 +472,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -466,6 +502,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -923,7 +971,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -953,6 +1001,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -1010,7 +1070,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1040,6 +1100,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -1096,7 +1168,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1126,6 +1198,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -1183,7 +1267,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1213,6 +1297,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -1664,7 +1760,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1694,6 +1790,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -1751,7 +1859,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1781,6 +1889,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -1837,7 +1957,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1867,6 +1987,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -1924,7 +2056,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1954,6 +2086,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -2280,7 +2424,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2310,6 +2454,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -2367,7 +2523,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2397,6 +2553,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -2453,7 +2621,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2483,6 +2651,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -2540,7 +2720,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2570,6 +2750,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -2895,7 +3087,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2925,6 +3117,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -2982,7 +3186,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -3012,6 +3216,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -3068,7 +3284,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -3098,6 +3314,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -3155,7 +3383,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -3185,6 +3413,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -3512,7 +3752,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -3542,6 +3782,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -3599,7 +3851,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -3629,6 +3881,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -3685,7 +3949,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -3715,6 +3979,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -3772,7 +4048,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -3802,6 +4078,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -4183,7 +4471,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -4213,6 +4501,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -4270,7 +4570,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -4300,6 +4600,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -4356,7 +4668,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -4386,6 +4698,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -4443,7 +4767,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -4473,6 +4797,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -4874,7 +5210,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -4904,6 +5240,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -4961,7 +5309,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -4991,6 +5339,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -5047,7 +5407,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -5077,6 +5437,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -5134,7 +5506,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -5164,6 +5536,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -5508,7 +5892,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -5538,6 +5922,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -5595,7 +5991,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -5625,6 +6021,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -5681,7 +6089,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -5711,6 +6119,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -5768,7 +6188,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -5798,6 +6218,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -6213,7 +6645,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -6243,6 +6675,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -6300,7 +6744,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -6330,6 +6774,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -6386,7 +6842,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -6416,6 +6872,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -6473,7 +6941,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -6503,6 +6971,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -6823,7 +7303,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -6853,6 +7333,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -6910,7 +7402,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -6940,6 +7432,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -6996,7 +7500,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -7026,6 +7530,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -7083,7 +7599,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -7113,6 +7629,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -7440,7 +7968,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -7470,6 +7998,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -7527,7 +8067,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -7557,6 +8097,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -7613,7 +8165,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -7643,6 +8195,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -7700,7 +8264,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -7730,6 +8294,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -8074,7 +8650,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -8104,6 +8680,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -8161,7 +8749,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -8191,6 +8779,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -8247,7 +8847,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -8277,6 +8877,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -8334,7 +8946,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -8364,6 +8976,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -8689,7 +9313,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -8719,6 +9343,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -8776,7 +9412,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -8806,6 +9442,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -8862,7 +9510,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -8892,6 +9540,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -8949,7 +9609,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -8979,6 +9639,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -9300,7 +9972,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -9330,6 +10002,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -9387,7 +10071,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -9417,6 +10101,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -9473,7 +10169,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -9503,6 +10199,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -9560,7 +10268,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -9590,6 +10298,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -9912,7 +10632,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -9942,6 +10662,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -9999,7 +10731,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -10029,6 +10761,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -10085,7 +10829,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -10115,6 +10859,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -10172,7 +10928,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -10202,6 +10958,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -10526,7 +11294,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -10556,6 +11324,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -10613,7 +11393,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -10643,6 +11423,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -10699,7 +11491,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -10729,6 +11521,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: @@ -10786,7 +11590,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -10816,6 +11620,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: diff --git a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/proxyconfigpromotes.yaml b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/proxyconfigpromotes.yaml index 4e804b041..39c6eecbf 100644 --- a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/proxyconfigpromotes.yaml +++ b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/proxyconfigpromotes.yaml @@ -45,7 +45,7 @@ spec: description: "ProxyConfigPromoteStatus defines the observed state of ProxyConfigPromote" properties: conditions: - description: "Current state of the activedoc resource. Conditions represent the latest available observations of an object's state" + description: "Current state of the ProxyConfigPromote resource. Conditions represent the latest available observations of an object's state" items: description: "Condition represents an observation of an object's state. Conditions are an extension mechanism intended to be used when the details of an observation are not a priori known or would not apply to all instances of a given Kind. \n Conditions should be added to explicitly convey properties that users and components care about rather than requiring those properties to be inferred from other observations. Once defined, the meaning of a Condition can not be changed arbitrarily - it becomes part of the API, and has the same backwards- and forwards-compatibility concerns of any other part of the API." properties: diff --git a/crd-catalog/Kuadrant/dns-operator/kuadrant.io/v1alpha1/dnsrecords.yaml b/crd-catalog/Kuadrant/dns-operator/kuadrant.io/v1alpha1/dnsrecords.yaml index 9d7a081cf..ca8e1dd28 100644 --- a/crd-catalog/Kuadrant/dns-operator/kuadrant.io/v1alpha1/dnsrecords.yaml +++ b/crd-catalog/Kuadrant/dns-operator/kuadrant.io/v1alpha1/dnsrecords.yaml @@ -75,6 +75,18 @@ spec: type: "object" minItems: 1 type: "array" + healthCheck: + description: "HealthCheckSpec configures health checks in the DNS provider. By default this health check will be applied to each unique DNS A Record for the listeners assigned to the target gateway" + properties: + endpoint: + type: "string" + failureThreshold: + type: "integer" + port: + type: "integer" + protocol: + type: "string" + type: "object" managedZone: description: "ManagedZoneReference holds a reference to a ManagedZone" properties: @@ -182,6 +194,52 @@ spec: type: "array" type: "object" type: "array" + healthCheck: + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition. This may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + type: "object" observedGeneration: description: "observedGeneration is the most recently observed generation of the DNSRecord. When the DNSRecord is updated, the controller updates the corresponding record in each managed zone. If an update for a particular zone fails, that failure is recorded in the status condition for the zone so that the controller can determine that it needs to retry the update for that specific zone." format: "int64" diff --git a/crd-catalog/ansible/awx-operator/awx.ansible.com/v1beta1/awxs.yaml b/crd-catalog/ansible/awx-operator/awx.ansible.com/v1beta1/awxs.yaml index e6f10b83f..bd17b4367 100644 --- a/crd-catalog/ansible/awx-operator/awx.ansible.com/v1beta1/awxs.yaml +++ b/crd-catalog/ansible/awx-operator/awx.ansible.com/v1beta1/awxs.yaml @@ -729,9 +729,9 @@ spec: postgres_configuration_secret: description: "Secret where the database configuration can be found" type: "string" - postgres_data_path: - description: "Path where the PostgreSQL data are located" - type: "string" + postgres_data_volume_init: + description: "Sets permissions on the /var/lib/pgdata/data for postgres container using an init container (not Openshift)" + type: "boolean" postgres_extra_args: items: type: "string" @@ -748,8 +748,11 @@ spec: postgres_image_version: description: "PostgreSQL container image version to use" type: "string" + postgres_init_container_commands: + description: "Customize the postgres init container commands (Non Openshift)" + type: "string" postgres_init_container_resource_requirements: - description: "Resource requirements for the postgres init container" + description: "(Deprecated, use postgres_resource_requirements parameter) Resource requirements for the postgres init container" properties: limits: properties: diff --git a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/clusterinfoimports.yaml b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/clusterinfoimports.yaml index 2917c8998..15c9678c1 100644 --- a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/clusterinfoimports.yaml +++ b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/clusterinfoimports.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "clusterinfoimports.multicluster.crd.antrea.io" spec: group: "multicluster.crd.antrea.io" @@ -30,10 +30,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" diff --git a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/clustersets.yaml b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/clustersets.yaml index 19dd96eb1..5a5590242 100644 --- a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/clustersets.yaml +++ b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/clustersets.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "clustersets.multicluster.crd.antrea.io" spec: group: "multicluster.crd.antrea.io" @@ -35,10 +35,10 @@ spec: description: "ClusterSet represents a ClusterSet." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -67,7 +67,7 @@ spec: minItems: 1 type: "array" members: - description: "Members include member clusters known to the leader clusters. Used in leader cluster." + description: "Members include member clusters known to the leader clusters.\nUsed in leader cluster." items: description: "MemberCluster defines member cluster information." properties: @@ -86,7 +86,7 @@ spec: type: "object" type: "array" namespace: - description: "The leader cluster Namespace in which the ClusterSet is defined. Used in member cluster." + description: "The leader cluster Namespace in which the ClusterSet is defined.\nUsed in member cluster." type: "string" required: - "leaders" diff --git a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/gateways.yaml b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/gateways.yaml index aa0c6c18c..6824b27f6 100644 --- a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/gateways.yaml +++ b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/gateways.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "gateways.multicluster.crd.antrea.io" spec: group: "multicluster.crd.antrea.io" @@ -31,7 +31,7 @@ spec: description: "Gateway includes information of a Multi-cluster Gateway." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" gatewayIP: description: "Cross-cluster tunnel IP of the Gateway." @@ -40,7 +40,7 @@ spec: description: "In-cluster tunnel IP of the Gateway." type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" diff --git a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/labelidentities.yaml b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/labelidentities.yaml index f339cce22..830df62ab 100644 --- a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/labelidentities.yaml +++ b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/labelidentities.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "labelidentities.multicluster.crd.antrea.io" spec: group: "multicluster.crd.antrea.io" @@ -28,13 +28,13 @@ spec: name: "v1alpha1" schema: openAPIV3Schema: - description: "LabelIdentity is an imported label identity from the ClusterSet. For each unique label identity, a LabelIdentity will be created in the member cluster." + description: "LabelIdentity is an imported label identity from the ClusterSet.\nFor each unique label identity, a LabelIdentity will be created in the member cluster." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -45,7 +45,7 @@ spec: format: "int32" type: "integer" label: - description: "Label is the normalized string of a label identity. The format of normalized label identity is `ns:(?P(.)*)&pod:(?P(.)*)` E.g., `ns:kubernetes.io/metadata.name=kube-system&pod:app=db`" + description: "Label is the normalized string of a label identity.\nThe format of normalized label identity is `ns:(?P(.)*)&pod:(?P(.)*)`\nE.g., `ns:kubernetes.io/metadata.name=kube-system&pod:app=db`" type: "string" type: "object" type: "object" diff --git a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/memberclusterannounces.yaml b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/memberclusterannounces.yaml index 316ad306a..69a8ca581 100644 --- a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/memberclusterannounces.yaml +++ b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/memberclusterannounces.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "memberclusterannounces.multicluster.crd.antrea.io" spec: group: "multicluster.crd.antrea.io" @@ -31,7 +31,7 @@ spec: description: "MemberClusterAnnounce is the Schema for the memberclusterannounces API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" clusterID: description: "Cluster ID of the member cluster." @@ -40,7 +40,7 @@ spec: description: "ClusterSet this member belongs to." type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" leaderClusterID: description: "Leader cluster this member has selected." diff --git a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/resourceexports.yaml b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/resourceexports.yaml index 3406fed29..b14f8fd69 100644 --- a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/resourceexports.yaml +++ b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/resourceexports.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "resourceexports.multicluster.crd.antrea.io" spec: group: "multicluster.crd.antrea.io" @@ -39,10 +39,10 @@ spec: description: "ResourceExport is the Schema for the resourceexports API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -87,26 +87,26 @@ spec: description: "If exported resource is AntreaClusterNetworkPolicy." properties: appliedTo: - description: "Select workloads on which the rules will be applied to. Cannot be set in conjunction with AppliedTo in each rule." + description: "Select workloads on which the rules will be applied to. Cannot be set in\nconjunction with AppliedTo in each rule." items: description: "AppliedTo describes the grouping selector of workloads in AppliedTo field." properties: externalEntitySelector: - description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads\nin AppliedTo fields. If set with NamespaceSelector,\nExternalEntities are matched from Namespaces matched by the\nNamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -118,28 +118,29 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" group: - description: "Group is the name of the ClusterGroup which can be set as an AppliedTo in place of a stand-alone selector. A Group cannot be set with any other selector." + description: "Group is the name of the ClusterGroup which can be set as an\nAppliedTo in place of a stand-alone selector. A Group cannot\nbe set with any other selector." type: "string" namespaceSelector: - description: "Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces." + description: "Select all Pods from Namespaces matched by this selector, as\nworkloads in AppliedTo fields. If set with PodSelector,\nPods are matched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. Cannot be set with Namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -151,25 +152,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" nodeSelector: - description: "Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector." + description: "Select Nodes in cluster as workloads in AppliedTo fields.\nCannot be set with any other selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -181,25 +183,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" podSelector: - description: "Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select Pods from NetworkPolicy's Namespace as workloads in\nAppliedTo fields. If set with NamespaceSelector, Pods are\nmatched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -211,11 +214,12 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" service: - description: "Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector." + description: "Select a certain Service which matches the NamespacedName.\nA Service can only be set in either policy level AppliedTo field in a policy\nthat only has ingress rules or rule level AppliedTo field in an ingress rule.\nOnly a NodePort Service can be referred by this field.\nCannot be set with any other selector." properties: name: type: "string" @@ -223,7 +227,7 @@ spec: type: "string" type: "object" serviceAccount: - description: "Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector." + description: "Select all Pods with the ServiceAccount matched by this field, as\nworkloads in AppliedTo fields.\nCannot be set with any other selector." properties: name: type: "string" @@ -233,34 +237,34 @@ spec: type: "object" type: "array" egress: - description: "Set of egress rules evaluated based on the order in which they are set. Currently Egress rule supports setting the `To` field but not the `From` field within a Rule." + description: "Set of egress rules evaluated based on the order in which they are set.\nCurrently Egress rule supports setting the `To` field but not the `From`\nfield within a Rule." items: - description: "Rule describes the traffic allowed to/from the workloads selected by Spec.AppliedTo. Based on the action specified in the rule, traffic is either allowed or denied which exactly match the specified ports and protocol." + description: "Rule describes the traffic allowed to/from the workloads selected by\nSpec.AppliedTo. Based on the action specified in the rule, traffic is either\nallowed or denied which exactly match the specified ports and protocol." properties: action: description: "Action specifies the action to be applied on the rule." type: "string" appliedTo: - description: "Select workloads on which this rule will be applied to. Cannot be set in conjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo." + description: "Select workloads on which this rule will be applied to. Cannot be set in\nconjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo." items: description: "AppliedTo describes the grouping selector of workloads in AppliedTo field." properties: externalEntitySelector: - description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads\nin AppliedTo fields. If set with NamespaceSelector,\nExternalEntities are matched from Namespaces matched by the\nNamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -272,28 +276,29 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" group: - description: "Group is the name of the ClusterGroup which can be set as an AppliedTo in place of a stand-alone selector. A Group cannot be set with any other selector." + description: "Group is the name of the ClusterGroup which can be set as an\nAppliedTo in place of a stand-alone selector. A Group cannot\nbe set with any other selector." type: "string" namespaceSelector: - description: "Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces." + description: "Select all Pods from Namespaces matched by this selector, as\nworkloads in AppliedTo fields. If set with PodSelector,\nPods are matched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. Cannot be set with Namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -305,25 +310,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" nodeSelector: - description: "Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector." + description: "Select Nodes in cluster as workloads in AppliedTo fields.\nCannot be set with any other selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -335,25 +341,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" podSelector: - description: "Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select Pods from NetworkPolicy's Namespace as workloads in\nAppliedTo fields. If set with NamespaceSelector, Pods are\nmatched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -365,11 +372,12 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" service: - description: "Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector." + description: "Select a certain Service which matches the NamespacedName.\nA Service can only be set in either policy level AppliedTo field in a policy\nthat only has ingress rules or rule level AppliedTo field in an ingress rule.\nOnly a NodePort Service can be referred by this field.\nCannot be set with any other selector." properties: name: type: "string" @@ -377,7 +385,7 @@ spec: type: "string" type: "object" serviceAccount: - description: "Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector." + description: "Select all Pods with the ServiceAccount matched by this field, as\nworkloads in AppliedTo fields.\nCannot be set with any other selector." properties: name: type: "string" @@ -387,29 +395,29 @@ spec: type: "object" type: "array" enableLogging: - description: "EnableLogging is used to indicate if agent should generate logs when rules are matched. Should be default to false." + description: "EnableLogging is used to indicate if agent should generate logs\nwhen rules are matched. Should be default to false." type: "boolean" from: - description: "Rule is matched if traffic originates from workloads selected by this field. If this field is empty, this rule matches all sources." + description: "Rule is matched if traffic originates from workloads selected by\nthis field. If this field is empty, this rule matches all sources." items: description: "NetworkPolicyPeer describes the grouping selector of workloads." properties: externalEntitySelector: - description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads\nin To/From fields. If set with NamespaceSelector,\nExternalEntities are matched from Namespaces matched by the\nNamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -421,40 +429,41 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" fqdn: - description: "Restrict egress access to the Fully Qualified Domain Names prescribed by name or by wildcard match patterns. This field can only be set for NetworkPolicyPeer of egress rules. Supported formats are: Exact FQDNs such as \"google.com\". Wildcard expressions such as \"*wayfair.com\"." + description: "Restrict egress access to the Fully Qualified Domain Names prescribed\nby name or by wildcard match patterns. This field can only be set for\nNetworkPolicyPeer of egress rules.\nSupported formats are:\n Exact FQDNs such as \"google.com\".\n Wildcard expressions such as \"*wayfair.com\"." type: "string" group: - description: "Group is the name of the ClusterGroup which can be set within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector." + description: "Group is the name of the ClusterGroup which can be set within\nan Ingress or Egress rule in place of a stand-alone selector.\nA Group cannot be set with any other selector." type: "string" ipBlock: - description: "IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector." + description: "IPBlock describes the IPAddresses/IPBlocks that is matched in to/from.\nIPBlock cannot be set as part of the AppliedTo field.\nCannot be set with any other selector." properties: cidr: - description: "CIDR is a string representing the IP Block Valid examples are \"192.168.1.1/24\"." + description: "CIDR is a string representing the IP Block\nValid examples are \"192.168.1.1/24\"." type: "string" required: - "cidr" type: "object" namespaceSelector: - description: "Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces." + description: "Select all Pods from Namespaces matched by this selector, as\nworkloads in To/From fields. If set with PodSelector,\nPods are matched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. Cannot be set with Namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -466,37 +475,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector." + description: "Select Pod/ExternalEntity from Namespaces matched by specific criteria.\nCurrent supported criteria is match: Self, which selects from the same\nNamespace of the appliedTo workloads.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. This field can only be set when NetworkPolicyPeer\nis created for ClusterNetworkPolicy ingress/egress rules.\nCannot be set with NamespaceSelector." properties: match: description: "Selects from the same Namespace of the appliedTo workloads." type: "string" sameLabels: - description: "Selects Namespaces that share the same values for the given set of label keys with the appliedTo Namespace. Namespaces must have all the label keys." + description: "Selects Namespaces that share the same values for the given set of label keys\nwith the appliedTo Namespace. Namespaces must have all the label keys." items: type: "string" type: "array" type: "object" nodeSelector: - description: "Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector." + description: "Select certain Nodes which match the label selector.\nA NodeSelector cannot be set with any other selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -508,25 +518,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" podSelector: - description: "Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select Pods from NetworkPolicy's Namespace as workloads in\nTo/From fields. If set with NamespaceSelector, Pods are\nmatched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -538,14 +549,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" scope: - description: "Define scope of the Pod/NamespaceSelector(s) of this peer. Can only be used in ingress NetworkPolicyPeers. Defaults to \"Cluster\"." + description: "Define scope of the Pod/NamespaceSelector(s) of this peer.\nCan only be used in ingress NetworkPolicyPeers.\nDefaults to \"Cluster\"." type: "string" serviceAccount: - description: "Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector." + description: "Select all Pods with the ServiceAccount matched by this field, as\nworkloads in To/From fields.\nCannot be set with any other selector." properties: name: type: "string" @@ -555,24 +567,24 @@ spec: type: "object" type: "array" l7Protocols: - description: "Set of layer 7 protocols matched by the rule. If this field is set, action can only be Allow. When this field is used in a rule, any traffic matching the other layer 3/4 criteria of the rule (typically the 5-tuple) will be forwarded to an application-aware engine for protocol detection and rule enforcement, and the traffic will be allowed if the layer 7 criteria is also matched, otherwise it will be dropped. Therefore, any rules after a layer 7 rule will not be enforced for the traffic." + description: "Set of layer 7 protocols matched by the rule. If this field is set, action can only be Allow.\nWhen this field is used in a rule, any traffic matching the other layer 3/4 criteria of the rule (typically the\n5-tuple) will be forwarded to an application-aware engine for protocol detection and rule enforcement, and the\ntraffic will be allowed if the layer 7 criteria is also matched, otherwise it will be dropped. Therefore, any\nrules after a layer 7 rule will not be enforced for the traffic." items: properties: http: - description: "HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. If all fields are not provided, it matches all HTTP requests." + description: "HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together.\nIf all fields are not provided, it matches all HTTP requests." properties: host: - description: "Host represents the hostname present in the URI or the HTTP Host header to match. It does not contain the port associated with the host." + description: "Host represents the hostname present in the URI or the HTTP Host header to match.\nIt does not contain the port associated with the host." type: "string" method: - description: "Method represents the HTTP method to match. It could be GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS, CONNECT and PATCH." + description: "Method represents the HTTP method to match.\nIt could be GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS, CONNECT and PATCH." type: "string" path: description: "Path represents the URI path to match (Ex. \"/index.html\", \"/admin\")." type: "string" type: "object" tls: - description: "TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this matches all TLS handshake packets." + description: "TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this\nmatches all TLS handshake packets." properties: sni: description: "SNI (Server Name Indication) indicates the server domain name in the TLS/SSL hello message." @@ -584,44 +596,44 @@ spec: description: "LogLabel is a user-defined arbitrary string which will be printed in the NetworkPolicy logs." type: "string" name: - description: "Name describes the intention of this rule. Name should be unique within the policy." + description: "Name describes the intention of this rule.\nName should be unique within the policy." type: "string" ports: - description: "Set of ports and protocols matched by the rule. If this field and Protocols are unset or empty, this rule matches all ports." + description: "Set of ports and protocols matched by the rule. If this field and Protocols\nare unset or empty, this rule matches all ports." items: description: "NetworkPolicyPort describes the port and protocol to match in a rule." properties: endPort: - description: "EndPort defines the end of the port range, inclusive. It can only be specified when a numerical `port` is specified." + description: "EndPort defines the end of the port range, inclusive.\nIt can only be specified when a numerical `port` is specified." format: "int32" type: "integer" port: anyOf: - type: "integer" - type: "string" - description: "The port on the given protocol. This can be either a numerical or named port on a Pod. If this field is not provided, this matches all port names and numbers." + description: "The port on the given protocol. This can be either a numerical\nor named port on a Pod. If this field is not provided, this\nmatches all port names and numbers." x-kubernetes-int-or-string: true protocol: default: "TCP" - description: "The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP." + description: "The protocol (TCP, UDP, or SCTP) which traffic must match.\nIf not specified, this field defaults to TCP." type: "string" sourceEndPort: - description: "SourceEndPort defines the end of the source port range, inclusive. It can only be specified when `sourcePort` is specified." + description: "SourceEndPort defines the end of the source port range, inclusive.\nIt can only be specified when `sourcePort` is specified." format: "int32" type: "integer" sourcePort: - description: "The source port on the given protocol. This can only be a numerical port. If this field is not provided, rule matches all source ports." + description: "The source port on the given protocol. This can only be a numerical port.\nIf this field is not provided, rule matches all source ports." format: "int32" type: "integer" type: "object" type: "array" protocols: - description: "Set of protocols matched by the rule. If this field and Ports are unset or empty, this rule matches all protocols supported." + description: "Set of protocols matched by the rule. If this field and Ports are unset or\nempty, this rule matches all protocols supported." items: - description: "NetworkPolicyProtocol defines additional protocols that are not supported by `ports`. All fields should be used as a standalone field." + description: "NetworkPolicyProtocol defines additional protocols that are not supported by\n`ports`. All fields should be used as a standalone field." properties: icmp: - description: "ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All fields could be used alone or together. If all fields are not provided, this matches all ICMP traffic." + description: "ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All\nfields could be used alone or together. If all fields are not provided, this\nmatches all ICMP traffic." properties: icmpCode: format: "int32" @@ -631,7 +643,7 @@ spec: type: "integer" type: "object" igmp: - description: "IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must be filled with: IGMPQuery int32 = 0x11 IGMPReportV1 int32 = 0x12 IGMPReportV2 int32 = 0x16 IGMPReportV3 int32 = 0x22 If groupAddress is empty, all groupAddresses will be matched." + description: "IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must\nbe filled with:\nIGMPQuery int32 = 0x11\nIGMPReportV1 int32 = 0x12\nIGMPReportV2 int32 = 0x16\nIGMPReportV3 int32 = 0x22\nIf groupAddress is empty, all groupAddresses will be matched." properties: groupAddress: type: "string" @@ -642,26 +654,26 @@ spec: type: "object" type: "array" to: - description: "Rule is matched if traffic is intended for workloads selected by this field. This field can't be used with ToServices. If this field and ToServices are both empty or missing this rule matches all destinations." + description: "Rule is matched if traffic is intended for workloads selected by\nthis field. This field can't be used with ToServices. If this field\nand ToServices are both empty or missing this rule matches all destinations." items: description: "NetworkPolicyPeer describes the grouping selector of workloads." properties: externalEntitySelector: - description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads\nin To/From fields. If set with NamespaceSelector,\nExternalEntities are matched from Namespaces matched by the\nNamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -673,40 +685,41 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" fqdn: - description: "Restrict egress access to the Fully Qualified Domain Names prescribed by name or by wildcard match patterns. This field can only be set for NetworkPolicyPeer of egress rules. Supported formats are: Exact FQDNs such as \"google.com\". Wildcard expressions such as \"*wayfair.com\"." + description: "Restrict egress access to the Fully Qualified Domain Names prescribed\nby name or by wildcard match patterns. This field can only be set for\nNetworkPolicyPeer of egress rules.\nSupported formats are:\n Exact FQDNs such as \"google.com\".\n Wildcard expressions such as \"*wayfair.com\"." type: "string" group: - description: "Group is the name of the ClusterGroup which can be set within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector." + description: "Group is the name of the ClusterGroup which can be set within\nan Ingress or Egress rule in place of a stand-alone selector.\nA Group cannot be set with any other selector." type: "string" ipBlock: - description: "IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector." + description: "IPBlock describes the IPAddresses/IPBlocks that is matched in to/from.\nIPBlock cannot be set as part of the AppliedTo field.\nCannot be set with any other selector." properties: cidr: - description: "CIDR is a string representing the IP Block Valid examples are \"192.168.1.1/24\"." + description: "CIDR is a string representing the IP Block\nValid examples are \"192.168.1.1/24\"." type: "string" required: - "cidr" type: "object" namespaceSelector: - description: "Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces." + description: "Select all Pods from Namespaces matched by this selector, as\nworkloads in To/From fields. If set with PodSelector,\nPods are matched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. Cannot be set with Namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -718,37 +731,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector." + description: "Select Pod/ExternalEntity from Namespaces matched by specific criteria.\nCurrent supported criteria is match: Self, which selects from the same\nNamespace of the appliedTo workloads.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. This field can only be set when NetworkPolicyPeer\nis created for ClusterNetworkPolicy ingress/egress rules.\nCannot be set with NamespaceSelector." properties: match: description: "Selects from the same Namespace of the appliedTo workloads." type: "string" sameLabels: - description: "Selects Namespaces that share the same values for the given set of label keys with the appliedTo Namespace. Namespaces must have all the label keys." + description: "Selects Namespaces that share the same values for the given set of label keys\nwith the appliedTo Namespace. Namespaces must have all the label keys." items: type: "string" type: "array" type: "object" nodeSelector: - description: "Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector." + description: "Select certain Nodes which match the label selector.\nA NodeSelector cannot be set with any other selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -760,25 +774,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" podSelector: - description: "Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select Pods from NetworkPolicy's Namespace as workloads in\nTo/From fields. If set with NamespaceSelector, Pods are\nmatched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -790,14 +805,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" scope: - description: "Define scope of the Pod/NamespaceSelector(s) of this peer. Can only be used in ingress NetworkPolicyPeers. Defaults to \"Cluster\"." + description: "Define scope of the Pod/NamespaceSelector(s) of this peer.\nCan only be used in ingress NetworkPolicyPeers.\nDefaults to \"Cluster\"." type: "string" serviceAccount: - description: "Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector." + description: "Select all Pods with the ServiceAccount matched by this field, as\nworkloads in To/From fields.\nCannot be set with any other selector." properties: name: type: "string" @@ -807,9 +823,9 @@ spec: type: "object" type: "array" toServices: - description: "Rule is matched if traffic is intended for a Service listed in this field. Currently, only ClusterIP types Services are supported in this field. When scope is set to ClusterSet, it matches traffic intended for a multi-cluster Service listed in this field. Service name and Namespace provided should match the original exported Service. This field can only be used when AntreaProxy is enabled. This field can't be used with To or Ports. If this field and To are both empty or missing, this rule matches all destinations." + description: "Rule is matched if traffic is intended for a Service listed in this field.\nCurrently, only ClusterIP types Services are supported in this field.\nWhen scope is set to ClusterSet, it matches traffic intended for a multi-cluster\nService listed in this field. Service name and Namespace provided should match\nthe original exported Service.\nThis field can only be used when AntreaProxy is enabled. This field can't be used\nwith To or Ports. If this field and To are both empty or missing, this rule matches\nall destinations." items: - description: "PeerService refers to a Service, which can be a in-cluster Service or imported multi-cluster service." + description: "PeerService refers to a Service, which can be a in-cluster Service or\nimported multi-cluster service." properties: name: type: "string" @@ -824,34 +840,34 @@ spec: type: "object" type: "array" ingress: - description: "Set of ingress rules evaluated based on the order in which they are set. Currently Ingress rule supports setting the `From` field but not the `To` field within a Rule." + description: "Set of ingress rules evaluated based on the order in which they are set.\nCurrently Ingress rule supports setting the `From` field but not the `To`\nfield within a Rule." items: - description: "Rule describes the traffic allowed to/from the workloads selected by Spec.AppliedTo. Based on the action specified in the rule, traffic is either allowed or denied which exactly match the specified ports and protocol." + description: "Rule describes the traffic allowed to/from the workloads selected by\nSpec.AppliedTo. Based on the action specified in the rule, traffic is either\nallowed or denied which exactly match the specified ports and protocol." properties: action: description: "Action specifies the action to be applied on the rule." type: "string" appliedTo: - description: "Select workloads on which this rule will be applied to. Cannot be set in conjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo." + description: "Select workloads on which this rule will be applied to. Cannot be set in\nconjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo." items: description: "AppliedTo describes the grouping selector of workloads in AppliedTo field." properties: externalEntitySelector: - description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads\nin AppliedTo fields. If set with NamespaceSelector,\nExternalEntities are matched from Namespaces matched by the\nNamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -863,28 +879,29 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" group: - description: "Group is the name of the ClusterGroup which can be set as an AppliedTo in place of a stand-alone selector. A Group cannot be set with any other selector." + description: "Group is the name of the ClusterGroup which can be set as an\nAppliedTo in place of a stand-alone selector. A Group cannot\nbe set with any other selector." type: "string" namespaceSelector: - description: "Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces." + description: "Select all Pods from Namespaces matched by this selector, as\nworkloads in AppliedTo fields. If set with PodSelector,\nPods are matched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. Cannot be set with Namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -896,25 +913,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" nodeSelector: - description: "Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector." + description: "Select Nodes in cluster as workloads in AppliedTo fields.\nCannot be set with any other selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -926,25 +944,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" podSelector: - description: "Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select Pods from NetworkPolicy's Namespace as workloads in\nAppliedTo fields. If set with NamespaceSelector, Pods are\nmatched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -956,11 +975,12 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" service: - description: "Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector." + description: "Select a certain Service which matches the NamespacedName.\nA Service can only be set in either policy level AppliedTo field in a policy\nthat only has ingress rules or rule level AppliedTo field in an ingress rule.\nOnly a NodePort Service can be referred by this field.\nCannot be set with any other selector." properties: name: type: "string" @@ -968,7 +988,7 @@ spec: type: "string" type: "object" serviceAccount: - description: "Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector." + description: "Select all Pods with the ServiceAccount matched by this field, as\nworkloads in AppliedTo fields.\nCannot be set with any other selector." properties: name: type: "string" @@ -978,29 +998,29 @@ spec: type: "object" type: "array" enableLogging: - description: "EnableLogging is used to indicate if agent should generate logs when rules are matched. Should be default to false." + description: "EnableLogging is used to indicate if agent should generate logs\nwhen rules are matched. Should be default to false." type: "boolean" from: - description: "Rule is matched if traffic originates from workloads selected by this field. If this field is empty, this rule matches all sources." + description: "Rule is matched if traffic originates from workloads selected by\nthis field. If this field is empty, this rule matches all sources." items: description: "NetworkPolicyPeer describes the grouping selector of workloads." properties: externalEntitySelector: - description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads\nin To/From fields. If set with NamespaceSelector,\nExternalEntities are matched from Namespaces matched by the\nNamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1012,40 +1032,41 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" fqdn: - description: "Restrict egress access to the Fully Qualified Domain Names prescribed by name or by wildcard match patterns. This field can only be set for NetworkPolicyPeer of egress rules. Supported formats are: Exact FQDNs such as \"google.com\". Wildcard expressions such as \"*wayfair.com\"." + description: "Restrict egress access to the Fully Qualified Domain Names prescribed\nby name or by wildcard match patterns. This field can only be set for\nNetworkPolicyPeer of egress rules.\nSupported formats are:\n Exact FQDNs such as \"google.com\".\n Wildcard expressions such as \"*wayfair.com\"." type: "string" group: - description: "Group is the name of the ClusterGroup which can be set within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector." + description: "Group is the name of the ClusterGroup which can be set within\nan Ingress or Egress rule in place of a stand-alone selector.\nA Group cannot be set with any other selector." type: "string" ipBlock: - description: "IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector." + description: "IPBlock describes the IPAddresses/IPBlocks that is matched in to/from.\nIPBlock cannot be set as part of the AppliedTo field.\nCannot be set with any other selector." properties: cidr: - description: "CIDR is a string representing the IP Block Valid examples are \"192.168.1.1/24\"." + description: "CIDR is a string representing the IP Block\nValid examples are \"192.168.1.1/24\"." type: "string" required: - "cidr" type: "object" namespaceSelector: - description: "Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces." + description: "Select all Pods from Namespaces matched by this selector, as\nworkloads in To/From fields. If set with PodSelector,\nPods are matched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. Cannot be set with Namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1057,37 +1078,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector." + description: "Select Pod/ExternalEntity from Namespaces matched by specific criteria.\nCurrent supported criteria is match: Self, which selects from the same\nNamespace of the appliedTo workloads.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. This field can only be set when NetworkPolicyPeer\nis created for ClusterNetworkPolicy ingress/egress rules.\nCannot be set with NamespaceSelector." properties: match: description: "Selects from the same Namespace of the appliedTo workloads." type: "string" sameLabels: - description: "Selects Namespaces that share the same values for the given set of label keys with the appliedTo Namespace. Namespaces must have all the label keys." + description: "Selects Namespaces that share the same values for the given set of label keys\nwith the appliedTo Namespace. Namespaces must have all the label keys." items: type: "string" type: "array" type: "object" nodeSelector: - description: "Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector." + description: "Select certain Nodes which match the label selector.\nA NodeSelector cannot be set with any other selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1099,25 +1121,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" podSelector: - description: "Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select Pods from NetworkPolicy's Namespace as workloads in\nTo/From fields. If set with NamespaceSelector, Pods are\nmatched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1129,14 +1152,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" scope: - description: "Define scope of the Pod/NamespaceSelector(s) of this peer. Can only be used in ingress NetworkPolicyPeers. Defaults to \"Cluster\"." + description: "Define scope of the Pod/NamespaceSelector(s) of this peer.\nCan only be used in ingress NetworkPolicyPeers.\nDefaults to \"Cluster\"." type: "string" serviceAccount: - description: "Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector." + description: "Select all Pods with the ServiceAccount matched by this field, as\nworkloads in To/From fields.\nCannot be set with any other selector." properties: name: type: "string" @@ -1146,24 +1170,24 @@ spec: type: "object" type: "array" l7Protocols: - description: "Set of layer 7 protocols matched by the rule. If this field is set, action can only be Allow. When this field is used in a rule, any traffic matching the other layer 3/4 criteria of the rule (typically the 5-tuple) will be forwarded to an application-aware engine for protocol detection and rule enforcement, and the traffic will be allowed if the layer 7 criteria is also matched, otherwise it will be dropped. Therefore, any rules after a layer 7 rule will not be enforced for the traffic." + description: "Set of layer 7 protocols matched by the rule. If this field is set, action can only be Allow.\nWhen this field is used in a rule, any traffic matching the other layer 3/4 criteria of the rule (typically the\n5-tuple) will be forwarded to an application-aware engine for protocol detection and rule enforcement, and the\ntraffic will be allowed if the layer 7 criteria is also matched, otherwise it will be dropped. Therefore, any\nrules after a layer 7 rule will not be enforced for the traffic." items: properties: http: - description: "HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. If all fields are not provided, it matches all HTTP requests." + description: "HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together.\nIf all fields are not provided, it matches all HTTP requests." properties: host: - description: "Host represents the hostname present in the URI or the HTTP Host header to match. It does not contain the port associated with the host." + description: "Host represents the hostname present in the URI or the HTTP Host header to match.\nIt does not contain the port associated with the host." type: "string" method: - description: "Method represents the HTTP method to match. It could be GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS, CONNECT and PATCH." + description: "Method represents the HTTP method to match.\nIt could be GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS, CONNECT and PATCH." type: "string" path: description: "Path represents the URI path to match (Ex. \"/index.html\", \"/admin\")." type: "string" type: "object" tls: - description: "TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this matches all TLS handshake packets." + description: "TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this\nmatches all TLS handshake packets." properties: sni: description: "SNI (Server Name Indication) indicates the server domain name in the TLS/SSL hello message." @@ -1175,44 +1199,44 @@ spec: description: "LogLabel is a user-defined arbitrary string which will be printed in the NetworkPolicy logs." type: "string" name: - description: "Name describes the intention of this rule. Name should be unique within the policy." + description: "Name describes the intention of this rule.\nName should be unique within the policy." type: "string" ports: - description: "Set of ports and protocols matched by the rule. If this field and Protocols are unset or empty, this rule matches all ports." + description: "Set of ports and protocols matched by the rule. If this field and Protocols\nare unset or empty, this rule matches all ports." items: description: "NetworkPolicyPort describes the port and protocol to match in a rule." properties: endPort: - description: "EndPort defines the end of the port range, inclusive. It can only be specified when a numerical `port` is specified." + description: "EndPort defines the end of the port range, inclusive.\nIt can only be specified when a numerical `port` is specified." format: "int32" type: "integer" port: anyOf: - type: "integer" - type: "string" - description: "The port on the given protocol. This can be either a numerical or named port on a Pod. If this field is not provided, this matches all port names and numbers." + description: "The port on the given protocol. This can be either a numerical\nor named port on a Pod. If this field is not provided, this\nmatches all port names and numbers." x-kubernetes-int-or-string: true protocol: default: "TCP" - description: "The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP." + description: "The protocol (TCP, UDP, or SCTP) which traffic must match.\nIf not specified, this field defaults to TCP." type: "string" sourceEndPort: - description: "SourceEndPort defines the end of the source port range, inclusive. It can only be specified when `sourcePort` is specified." + description: "SourceEndPort defines the end of the source port range, inclusive.\nIt can only be specified when `sourcePort` is specified." format: "int32" type: "integer" sourcePort: - description: "The source port on the given protocol. This can only be a numerical port. If this field is not provided, rule matches all source ports." + description: "The source port on the given protocol. This can only be a numerical port.\nIf this field is not provided, rule matches all source ports." format: "int32" type: "integer" type: "object" type: "array" protocols: - description: "Set of protocols matched by the rule. If this field and Ports are unset or empty, this rule matches all protocols supported." + description: "Set of protocols matched by the rule. If this field and Ports are unset or\nempty, this rule matches all protocols supported." items: - description: "NetworkPolicyProtocol defines additional protocols that are not supported by `ports`. All fields should be used as a standalone field." + description: "NetworkPolicyProtocol defines additional protocols that are not supported by\n`ports`. All fields should be used as a standalone field." properties: icmp: - description: "ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All fields could be used alone or together. If all fields are not provided, this matches all ICMP traffic." + description: "ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All\nfields could be used alone or together. If all fields are not provided, this\nmatches all ICMP traffic." properties: icmpCode: format: "int32" @@ -1222,7 +1246,7 @@ spec: type: "integer" type: "object" igmp: - description: "IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must be filled with: IGMPQuery int32 = 0x11 IGMPReportV1 int32 = 0x12 IGMPReportV2 int32 = 0x16 IGMPReportV3 int32 = 0x22 If groupAddress is empty, all groupAddresses will be matched." + description: "IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must\nbe filled with:\nIGMPQuery int32 = 0x11\nIGMPReportV1 int32 = 0x12\nIGMPReportV2 int32 = 0x16\nIGMPReportV3 int32 = 0x22\nIf groupAddress is empty, all groupAddresses will be matched." properties: groupAddress: type: "string" @@ -1233,26 +1257,26 @@ spec: type: "object" type: "array" to: - description: "Rule is matched if traffic is intended for workloads selected by this field. This field can't be used with ToServices. If this field and ToServices are both empty or missing this rule matches all destinations." + description: "Rule is matched if traffic is intended for workloads selected by\nthis field. This field can't be used with ToServices. If this field\nand ToServices are both empty or missing this rule matches all destinations." items: description: "NetworkPolicyPeer describes the grouping selector of workloads." properties: externalEntitySelector: - description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads\nin To/From fields. If set with NamespaceSelector,\nExternalEntities are matched from Namespaces matched by the\nNamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1264,40 +1288,41 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" fqdn: - description: "Restrict egress access to the Fully Qualified Domain Names prescribed by name or by wildcard match patterns. This field can only be set for NetworkPolicyPeer of egress rules. Supported formats are: Exact FQDNs such as \"google.com\". Wildcard expressions such as \"*wayfair.com\"." + description: "Restrict egress access to the Fully Qualified Domain Names prescribed\nby name or by wildcard match patterns. This field can only be set for\nNetworkPolicyPeer of egress rules.\nSupported formats are:\n Exact FQDNs such as \"google.com\".\n Wildcard expressions such as \"*wayfair.com\"." type: "string" group: - description: "Group is the name of the ClusterGroup which can be set within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector." + description: "Group is the name of the ClusterGroup which can be set within\nan Ingress or Egress rule in place of a stand-alone selector.\nA Group cannot be set with any other selector." type: "string" ipBlock: - description: "IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector." + description: "IPBlock describes the IPAddresses/IPBlocks that is matched in to/from.\nIPBlock cannot be set as part of the AppliedTo field.\nCannot be set with any other selector." properties: cidr: - description: "CIDR is a string representing the IP Block Valid examples are \"192.168.1.1/24\"." + description: "CIDR is a string representing the IP Block\nValid examples are \"192.168.1.1/24\"." type: "string" required: - "cidr" type: "object" namespaceSelector: - description: "Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces." + description: "Select all Pods from Namespaces matched by this selector, as\nworkloads in To/From fields. If set with PodSelector,\nPods are matched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. Cannot be set with Namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1309,37 +1334,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector." + description: "Select Pod/ExternalEntity from Namespaces matched by specific criteria.\nCurrent supported criteria is match: Self, which selects from the same\nNamespace of the appliedTo workloads.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. This field can only be set when NetworkPolicyPeer\nis created for ClusterNetworkPolicy ingress/egress rules.\nCannot be set with NamespaceSelector." properties: match: description: "Selects from the same Namespace of the appliedTo workloads." type: "string" sameLabels: - description: "Selects Namespaces that share the same values for the given set of label keys with the appliedTo Namespace. Namespaces must have all the label keys." + description: "Selects Namespaces that share the same values for the given set of label keys\nwith the appliedTo Namespace. Namespaces must have all the label keys." items: type: "string" type: "array" type: "object" nodeSelector: - description: "Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector." + description: "Select certain Nodes which match the label selector.\nA NodeSelector cannot be set with any other selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1351,25 +1377,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" podSelector: - description: "Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select Pods from NetworkPolicy's Namespace as workloads in\nTo/From fields. If set with NamespaceSelector, Pods are\nmatched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1381,14 +1408,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" scope: - description: "Define scope of the Pod/NamespaceSelector(s) of this peer. Can only be used in ingress NetworkPolicyPeers. Defaults to \"Cluster\"." + description: "Define scope of the Pod/NamespaceSelector(s) of this peer.\nCan only be used in ingress NetworkPolicyPeers.\nDefaults to \"Cluster\"." type: "string" serviceAccount: - description: "Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector." + description: "Select all Pods with the ServiceAccount matched by this field, as\nworkloads in To/From fields.\nCannot be set with any other selector." properties: name: type: "string" @@ -1398,9 +1426,9 @@ spec: type: "object" type: "array" toServices: - description: "Rule is matched if traffic is intended for a Service listed in this field. Currently, only ClusterIP types Services are supported in this field. When scope is set to ClusterSet, it matches traffic intended for a multi-cluster Service listed in this field. Service name and Namespace provided should match the original exported Service. This field can only be used when AntreaProxy is enabled. This field can't be used with To or Ports. If this field and To are both empty or missing, this rule matches all destinations." + description: "Rule is matched if traffic is intended for a Service listed in this field.\nCurrently, only ClusterIP types Services are supported in this field.\nWhen scope is set to ClusterSet, it matches traffic intended for a multi-cluster\nService listed in this field. Service name and Namespace provided should match\nthe original exported Service.\nThis field can only be used when AntreaProxy is enabled. This field can't be used\nwith To or Ports. If this field and To are both empty or missing, this rule matches\nall destinations." items: - description: "PeerService refers to a Service, which can be a in-cluster Service or imported multi-cluster service." + description: "PeerService refers to a Service, which can be a in-cluster Service or\nimported multi-cluster service." properties: name: type: "string" @@ -1415,10 +1443,10 @@ spec: type: "object" type: "array" priority: - description: "Priority specfies the order of the ClusterNetworkPolicy relative to other AntreaClusterNetworkPolicies." + description: "Priority specfies the order of the ClusterNetworkPolicy relative to\nother AntreaClusterNetworkPolicies." type: "number" tier: - description: "Tier specifies the tier to which this ClusterNetworkPolicy belongs to. The ClusterNetworkPolicy order will be determined based on the combination of the Tier's Priority and the ClusterNetworkPolicy's own Priority. If not specified, this policy will be created in the Application Tier right above the K8s NetworkPolicy which resides at the bottom." + description: "Tier specifies the tier to which this ClusterNetworkPolicy belongs to.\nThe ClusterNetworkPolicy order will be determined based on the\ncombination of the Tier's Priority and the ClusterNetworkPolicy's own\nPriority. If not specified, this policy will be created in the Application\nTier right above the K8s NetworkPolicy which resides at the bottom." type: "string" required: - "priority" @@ -1428,10 +1456,10 @@ spec: properties: subsets: items: - description: "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given: \n { Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}], Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}] } \n The resulting set of endpoints can be viewed as: \n a: [ 10.10.1.1:8675, 10.10.2.2:8675 ], b: [ 10.10.1.1:309, 10.10.2.2:309 ]" + description: "EndpointSubset is a group of addresses with a common set of ports. The\nexpanded set of endpoints is the Cartesian product of Addresses x Ports.\nFor example, given:\n\n\n\t{\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t}\n\n\nThe resulting set of endpoints can be viewed as:\n\n\n\ta: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n\tb: [ 10.10.1.1:309, 10.10.2.2:309 ]" properties: addresses: - description: "IP addresses which offer the related ports that are marked as ready. These endpoints should be considered safe for load balancers and clients to utilize." + description: "IP addresses which offer the related ports that are marked as ready. These endpoints\nshould be considered safe for load balancers and clients to utilize." items: description: "EndpointAddress is a tuple that describes single IP address." properties: @@ -1439,7 +1467,7 @@ spec: description: "The Hostname of this endpoint" type: "string" ip: - description: "The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16)." + description: "The IP of this endpoint.\nMay not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10),\nor link-local multicast (224.0.0.0/24 or ff02::/16)." type: "string" nodeName: description: "Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node." @@ -1451,30 +1479,32 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" required: - "ip" type: "object" + x-kubernetes-map-type: "atomic" type: "array" notReadyAddresses: - description: "IP addresses which offer the related ports but are not currently marked as ready because they have not yet finished starting, have recently failed a readiness check, or have recently failed a liveness check." + description: "IP addresses which offer the related ports but are not currently marked as ready\nbecause they have not yet finished starting, have recently failed a readiness check,\nor have recently failed a liveness check." items: description: "EndpointAddress is a tuple that describes single IP address." properties: @@ -1482,7 +1512,7 @@ spec: description: "The Hostname of this endpoint" type: "string" ip: - description: "The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16)." + description: "The IP of this endpoint.\nMay not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10),\nor link-local multicast (224.0.0.0/24 or ff02::/16)." type: "string" nodeName: description: "Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node." @@ -1494,27 +1524,29 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" required: - "ip" type: "object" + x-kubernetes-map-type: "atomic" type: "array" ports: description: "Port numbers available on the related IP addresses." @@ -1522,10 +1554,10 @@ spec: description: "EndpointPort is a tuple that describes a single port." properties: appProtocol: - description: "The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either: \n * Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). \n * Kubernetes-defined prefixed names: * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 \n * Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol." + description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol." type: "string" name: - description: "The name of this port. This must match the 'name' field in the corresponding ServicePort. Must be a DNS_LABEL. Optional only if one port is defined." + description: "The name of this port. This must match the 'name' field in the\ncorresponding ServicePort.\nMust be a DNS_LABEL.\nOptional only if one port is defined." type: "string" port: description: "The port number of the endpoint." @@ -1533,11 +1565,12 @@ spec: type: "integer" protocol: default: "TCP" - description: "The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP." + description: "The IP protocol for this port.\nMust be UDP, TCP, or SCTP.\nDefault is TCP." type: "string" required: - "port" type: "object" + x-kubernetes-map-type: "atomic" type: "array" type: "object" type: "array" @@ -1562,7 +1595,7 @@ spec: type: "object" type: "array" externalNode: - description: "ExternalNode is the opaque identifier of the agent/controller responsible for additional processing or handling of this external entity." + description: "ExternalNode is the opaque identifier of the agent/controller responsible\nfor additional processing or handling of this external entity." type: "string" ports: description: "Ports maintain the list of named ports." @@ -1578,7 +1611,7 @@ spec: type: "integer" protocol: default: "TCP" - description: "The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP." + description: "The protocol (TCP, UDP, or SCTP) which traffic must match.\nIf not specified, this field defaults to TCP." type: "string" type: "object" type: "array" @@ -1613,69 +1646,69 @@ spec: description: "ServiceSpec describes the attributes that a user creates on a service." properties: allocateLoadBalancerNodePorts: - description: "allocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for services with type LoadBalancer. Default is \"true\". It may be set to \"false\" if the cluster load-balancer does not rely on NodePorts. If the caller requests specific NodePorts (by specifying a value), those requests will be respected, regardless of this field. This field may only be set for services with type LoadBalancer and will be cleared if the type is changed to any other type." + description: "allocateLoadBalancerNodePorts defines if NodePorts will be automatically\nallocated for services with type LoadBalancer. Default is \"true\". It\nmay be set to \"false\" if the cluster load-balancer does not rely on\nNodePorts. If the caller requests specific NodePorts (by specifying a\nvalue), those requests will be respected, regardless of this field.\nThis field may only be set for services with type LoadBalancer and will\nbe cleared if the type is changed to any other type." type: "boolean" clusterIP: - description: "clusterIP is the IP address of the service and is usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be blank) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are \"None\", empty string (\"\"), or a valid IP address. Setting this to \"None\" makes a \"headless service\" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + description: "clusterIP is the IP address of the service and is usually assigned\nrandomly. If an address is specified manually, is in-range (as per\nsystem configuration), and is not in use, it will be allocated to the\nservice; otherwise creation of the service will fail. This field may not\nbe changed through updates unless the type field is also being changed\nto ExternalName (which requires this field to be blank) or the type\nfield is being changed from ExternalName (in which case this field may\noptionally be specified, as describe above). Valid values are \"None\",\nempty string (\"\"), or a valid IP address. Setting this to \"None\" makes a\n\"headless service\" (no virtual IP), which is useful when direct endpoint\nconnections are preferred and proxying is not required. Only applies to\ntypes ClusterIP, NodePort, and LoadBalancer. If this field is specified\nwhen creating a Service of type ExternalName, creation will fail. This\nfield will be wiped when updating a Service to type ExternalName.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" type: "string" clusterIPs: - description: "ClusterIPs is a list of IP addresses assigned to this service, and are usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be empty) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are \"None\", empty string (\"\"), or a valid IP address. Setting this to \"None\" makes a \"headless service\" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. If this field is not specified, it will be initialized from the clusterIP field. If this field is specified, clients must ensure that clusterIPs[0] and clusterIP have the same value. \n This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + description: "ClusterIPs is a list of IP addresses assigned to this service, and are\nusually assigned randomly. If an address is specified manually, is\nin-range (as per system configuration), and is not in use, it will be\nallocated to the service; otherwise creation of the service will fail.\nThis field may not be changed through updates unless the type field is\nalso being changed to ExternalName (which requires this field to be\nempty) or the type field is being changed from ExternalName (in which\ncase this field may optionally be specified, as describe above). Valid\nvalues are \"None\", empty string (\"\"), or a valid IP address. Setting\nthis to \"None\" makes a \"headless service\" (no virtual IP), which is\nuseful when direct endpoint connections are preferred and proxying is\nnot required. Only applies to types ClusterIP, NodePort, and\nLoadBalancer. If this field is specified when creating a Service of type\nExternalName, creation will fail. This field will be wiped when updating\na Service to type ExternalName. If this field is not specified, it will\nbe initialized from the clusterIP field. If this field is specified,\nclients must ensure that clusterIPs[0] and clusterIP have the same\nvalue.\n\n\nThis field may hold a maximum of two entries (dual-stack IPs, in either order).\nThese IPs must correspond to the values of the ipFamilies field. Both\nclusterIPs and ipFamilies are governed by the ipFamilyPolicy field.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" items: type: "string" type: "array" x-kubernetes-list-type: "atomic" externalIPs: - description: "externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system." + description: "externalIPs is a list of IP addresses for which nodes in the cluster\nwill also accept traffic for this service. These IPs are not managed by\nKubernetes. The user is responsible for ensuring that traffic arrives\nat a node with this IP. A common example is external load-balancers\nthat are not part of the Kubernetes system." items: type: "string" type: "array" externalName: - description: "externalName is the external reference that discovery mechanisms will return as an alias for this service (e.g. a DNS CNAME record). No proxying will be involved. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires `type` to be \"ExternalName\"." + description: "externalName is the external reference that discovery mechanisms will\nreturn as an alias for this service (e.g. a DNS CNAME record). No\nproxying will be involved. Must be a lowercase RFC-1123 hostname\n(https://tools.ietf.org/html/rfc1123) and requires `type` to be \"ExternalName\"." type: "string" externalTrafficPolicy: - description: "externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's \"externally-facing\" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get \"Cluster\" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node." + description: "externalTrafficPolicy describes how nodes distribute service traffic they\nreceive on one of the Service's \"externally-facing\" addresses (NodePorts,\nExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure\nthe service in a way that assumes that external load balancers will take care\nof balancing the service traffic between nodes, and so each node will deliver\ntraffic only to the node-local endpoints of the service, without masquerading\nthe client source IP. (Traffic mistakenly sent to a node with no endpoints will\nbe dropped.) The default value, \"Cluster\", uses the standard behavior of\nrouting to all endpoints evenly (possibly modified by topology and other\nfeatures). Note that traffic sent to an External IP or LoadBalancer IP from\nwithin the cluster will always get \"Cluster\" semantics, but clients sending to\na NodePort from within the cluster may need to take traffic policy into account\nwhen picking a node." type: "string" healthCheckNodePort: - description: "healthCheckNodePort specifies the healthcheck nodePort for the service. This only applies when type is set to LoadBalancer and externalTrafficPolicy is set to Local. If a value is specified, is in-range, and is not in use, it will be used. If not specified, a value will be automatically allocated. External systems (e.g. load-balancers) can use this port to determine if a given node holds endpoints for this service or not. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type). This field cannot be updated once set." + description: "healthCheckNodePort specifies the healthcheck nodePort for the service.\nThis only applies when type is set to LoadBalancer and\nexternalTrafficPolicy is set to Local. If a value is specified, is\nin-range, and is not in use, it will be used. If not specified, a value\nwill be automatically allocated. External systems (e.g. load-balancers)\ncan use this port to determine if a given node holds endpoints for this\nservice or not. If this field is specified when creating a Service\nwhich does not need it, creation will fail. This field will be wiped\nwhen updating a Service to no longer need it (e.g. changing type).\nThis field cannot be updated once set." format: "int32" type: "integer" internalTrafficPolicy: - description: "InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to \"Local\", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features)." + description: "InternalTrafficPolicy describes how nodes distribute service traffic they\nreceive on the ClusterIP. If set to \"Local\", the proxy will assume that pods\nonly want to talk to endpoints of the service on the same node as the pod,\ndropping the traffic if there are no local endpoints. The default value,\n\"Cluster\", uses the standard behavior of routing to all endpoints evenly\n(possibly modified by topology and other features)." type: "string" ipFamilies: - description: "IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this service. This field is usually assigned automatically based on cluster configuration and the ipFamilyPolicy field. If this field is specified manually, the requested family is available in the cluster, and ipFamilyPolicy allows it, it will be used; otherwise creation of the service will fail. This field is conditionally mutable: it allows for adding or removing a secondary IP family, but it does not allow changing the primary IP family of the Service. Valid values are \"IPv4\" and \"IPv6\". This field only applies to Services of types ClusterIP, NodePort, and LoadBalancer, and does apply to \"headless\" services. This field will be wiped when updating a Service to type ExternalName. \n This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field." + description: "IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this\nservice. This field is usually assigned automatically based on cluster\nconfiguration and the ipFamilyPolicy field. If this field is specified\nmanually, the requested family is available in the cluster,\nand ipFamilyPolicy allows it, it will be used; otherwise creation of\nthe service will fail. This field is conditionally mutable: it allows\nfor adding or removing a secondary IP family, but it does not allow\nchanging the primary IP family of the Service. Valid values are \"IPv4\"\nand \"IPv6\". This field only applies to Services of types ClusterIP,\nNodePort, and LoadBalancer, and does apply to \"headless\" services.\nThis field will be wiped when updating a Service to type ExternalName.\n\n\nThis field may hold a maximum of two entries (dual-stack families, in\neither order). These families must correspond to the values of the\nclusterIPs field, if specified. Both clusterIPs and ipFamilies are\ngoverned by the ipFamilyPolicy field." items: - description: "IPFamily represents the IP Family (IPv4 or IPv6). This type is used to express the family of an IP expressed by a type (e.g. service.spec.ipFamilies)." + description: "IPFamily represents the IP Family (IPv4 or IPv6). This type is used\nto express the family of an IP expressed by a type (e.g. service.spec.ipFamilies)." type: "string" type: "array" x-kubernetes-list-type: "atomic" ipFamilyPolicy: - description: "IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be \"SingleStack\" (a single IP family), \"PreferDualStack\" (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or \"RequireDualStack\" (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName." + description: "IPFamilyPolicy represents the dual-stack-ness requested or required by\nthis Service. If there is no value provided, then this field will be set\nto SingleStack. Services can be \"SingleStack\" (a single IP family),\n\"PreferDualStack\" (two IP families on dual-stack configured clusters or\na single IP family on single-stack clusters), or \"RequireDualStack\"\n(two IP families on dual-stack configured clusters, otherwise fail). The\nipFamilies and clusterIPs fields depend on the value of this field. This\nfield will be wiped when updating a service to type ExternalName." type: "string" loadBalancerClass: - description: "loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. \"internal-vip\" or \"example.com/internal-vip\". Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type." + description: "loadBalancerClass is the class of the load balancer implementation this Service belongs to.\nIf specified, the value of this field must be a label-style identifier, with an optional prefix,\ne.g. \"internal-vip\" or \"example.com/internal-vip\". Unprefixed names are reserved for end-users.\nThis field can only be set when the Service type is 'LoadBalancer'. If not set, the default load\nbalancer implementation is used, today this is typically done through the cloud provider integration,\nbut should apply for any default implementation. If set, it is assumed that a load balancer\nimplementation is watching for Services with a matching class. Any default load balancer\nimplementation (e.g. cloud providers) should ignore Services that set this field.\nThis field can only be set when creating or updating a Service to type 'LoadBalancer'.\nOnce set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type." type: "string" loadBalancerIP: - description: "Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations. Using it is non-portable and it may not support dual-stack. Users are encouraged to use implementation-specific annotations when available." + description: "Only applies to Service Type: LoadBalancer.\nThis feature depends on whether the underlying cloud-provider supports specifying\nthe loadBalancerIP when a load balancer is created.\nThis field will be ignored if the cloud-provider does not support the feature.\nDeprecated: This field was under-specified and its meaning varies across implementations.\nUsing it is non-portable and it may not support dual-stack.\nUsers are encouraged to use implementation-specific annotations when available." type: "string" loadBalancerSourceRanges: - description: "If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.\" More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/" + description: "If specified and supported by the platform, this will restrict traffic through the cloud-provider\nload-balancer will be restricted to the specified client IPs. This field will be ignored if the\ncloud-provider does not support the feature.\"\nMore info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/" items: type: "string" type: "array" ports: - description: "The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + description: "The list of ports that are exposed by this service.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" items: description: "ServicePort contains information on service's port." properties: appProtocol: - description: "The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either: \n * Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). \n * Kubernetes-defined prefixed names: * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 \n * Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol." + description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol." type: "string" name: - description: "The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service." + description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort.\nOptional if only one ServicePort is defined on this service." type: "string" nodePort: - description: "The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" + description: "The port on each node on which this service is exposed when type is\nNodePort or LoadBalancer. Usually assigned by the system. If a value is\nspecified, in-range, and not in use it will be used, otherwise the\noperation will fail. If not specified, a port will be allocated if this\nService requires one. If this field is specified when creating a\nService which does not need it, creation will fail. This field will be\nwiped when updating a Service to no longer need it (e.g. changing type\nfrom NodePort to ClusterIP).\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" format: "int32" type: "integer" port: @@ -1684,13 +1717,13 @@ spec: type: "integer" protocol: default: "TCP" - description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\". Default is TCP." + description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\".\nDefault is TCP." type: "string" targetPort: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service" + description: "Number or name of the port to access on the pods targeted by the service.\nNumber must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.\nIf this is a string, it will be looked up as a named port in the\ntarget Pod's container ports. If this is not specified, the value\nof the 'port' field is used (an identity map).\nThis field is ignored for services with clusterIP=None, and should be\nomitted or set equal to the 'port' field.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service" x-kubernetes-int-or-string: true required: - "port" @@ -1701,16 +1734,16 @@ spec: - "protocol" x-kubernetes-list-type: "map" publishNotReadyAddresses: - description: "publishNotReadyAddresses indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready. The primary use case for setting this field is for a StatefulSet's Headless Service to propagate SRV DNS records for its Pods for the purpose of peer discovery. The Kubernetes controllers that generate Endpoints and EndpointSlice resources for Services interpret this to mean that all endpoints are considered \"ready\" even if the Pods themselves are not. Agents which consume only Kubernetes generated endpoints through the Endpoints or EndpointSlice resources can safely assume this behavior." + description: "publishNotReadyAddresses indicates that any agent which deals with endpoints for this\nService should disregard any indications of ready/not-ready.\nThe primary use case for setting this field is for a StatefulSet's Headless Service to\npropagate SRV DNS records for its Pods for the purpose of peer discovery.\nThe Kubernetes controllers that generate Endpoints and EndpointSlice resources for\nServices interpret this to mean that all endpoints are considered \"ready\" even if the\nPods themselves are not. Agents which consume only Kubernetes generated endpoints\nthrough the Endpoints or EndpointSlice resources can safely assume this behavior." type: "boolean" selector: additionalProperties: type: "string" - description: "Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/" + description: "Route service traffic to pods with label keys and values matching this\nselector. If empty or not present, the service is assumed to have an\nexternal process managing its endpoints, which Kubernetes will not\nmodify. Only applies to types ClusterIP, NodePort, and LoadBalancer.\nIgnored if type is ExternalName.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/" type: "object" x-kubernetes-map-type: "atomic" sessionAffinity: - description: "Supports \"ClientIP\" and \"None\". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + description: "Supports \"ClientIP\" and \"None\". Used to maintain session affinity.\nEnable client IP based session affinity.\nMust be ClientIP or None.\nDefaults to None.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" type: "string" sessionAffinityConfig: description: "sessionAffinityConfig contains the configurations of session affinity." @@ -1719,13 +1752,13 @@ spec: description: "clientIP contains the configurations of Client IP based session affinity." properties: timeoutSeconds: - description: "timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == \"ClientIP\". Default value is 10800(for 3 hours)." + description: "timeoutSeconds specifies the seconds of ClientIP type session sticky time.\nThe value must be >0 && <=86400(for 1 day) if ServiceAffinity == \"ClientIP\".\nDefault value is 10800(for 3 hours)." format: "int32" type: "integer" type: "object" type: "object" type: - description: "type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. \"ClusterIP\" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is \"None\", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. \"NodePort\" builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. \"LoadBalancer\" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. \"ExternalName\" aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types" + description: "type determines how the Service is exposed. Defaults to ClusterIP. Valid\noptions are ExternalName, ClusterIP, NodePort, and LoadBalancer.\n\"ClusterIP\" allocates a cluster-internal IP address for load-balancing\nto endpoints. Endpoints are determined by the selector or if that is not\nspecified, by manual construction of an Endpoints object or\nEndpointSlice objects. If clusterIP is \"None\", no virtual IP is\nallocated and the endpoints are published as a set of endpoints rather\nthan a virtual IP.\n\"NodePort\" builds on ClusterIP and allocates a port on every node which\nroutes to the same endpoints as the clusterIP.\n\"LoadBalancer\" builds on NodePort and creates an external load-balancer\n(if supported in the current cloud) which routes to the same endpoints\nas the clusterIP.\n\"ExternalName\" aliases this service to the specified externalName.\nSeveral other fields do not apply to ExternalName services.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types" type: "string" type: "object" type: "object" diff --git a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/resourceimports.yaml b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/resourceimports.yaml index 53c66e73d..3b98c07e6 100644 --- a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/resourceimports.yaml +++ b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha1/resourceimports.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "resourceimports.multicluster.crd.antrea.io" spec: group: "multicluster.crd.antrea.io" @@ -35,10 +35,10 @@ spec: description: "ResourceImport is the Schema for the resourceimports API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -46,7 +46,7 @@ spec: description: "ResourceImportSpec defines the desired state of ResourceImport." properties: clusterID: - description: "ClusterIDs specifies the member clusters this resource to import to. When not specified, import to all member clusters." + description: "ClusterIDs specifies the member clusters this resource to import to.\nWhen not specified, import to all member clusters." items: type: "string" type: "array" @@ -85,26 +85,26 @@ spec: description: "If imported resource is AntreaClusterNetworkPolicy." properties: appliedTo: - description: "Select workloads on which the rules will be applied to. Cannot be set in conjunction with AppliedTo in each rule." + description: "Select workloads on which the rules will be applied to. Cannot be set in\nconjunction with AppliedTo in each rule." items: description: "AppliedTo describes the grouping selector of workloads in AppliedTo field." properties: externalEntitySelector: - description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads\nin AppliedTo fields. If set with NamespaceSelector,\nExternalEntities are matched from Namespaces matched by the\nNamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -116,28 +116,29 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" group: - description: "Group is the name of the ClusterGroup which can be set as an AppliedTo in place of a stand-alone selector. A Group cannot be set with any other selector." + description: "Group is the name of the ClusterGroup which can be set as an\nAppliedTo in place of a stand-alone selector. A Group cannot\nbe set with any other selector." type: "string" namespaceSelector: - description: "Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces." + description: "Select all Pods from Namespaces matched by this selector, as\nworkloads in AppliedTo fields. If set with PodSelector,\nPods are matched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. Cannot be set with Namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -149,25 +150,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" nodeSelector: - description: "Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector." + description: "Select Nodes in cluster as workloads in AppliedTo fields.\nCannot be set with any other selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -179,25 +181,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" podSelector: - description: "Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select Pods from NetworkPolicy's Namespace as workloads in\nAppliedTo fields. If set with NamespaceSelector, Pods are\nmatched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -209,11 +212,12 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" service: - description: "Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector." + description: "Select a certain Service which matches the NamespacedName.\nA Service can only be set in either policy level AppliedTo field in a policy\nthat only has ingress rules or rule level AppliedTo field in an ingress rule.\nOnly a NodePort Service can be referred by this field.\nCannot be set with any other selector." properties: name: type: "string" @@ -221,7 +225,7 @@ spec: type: "string" type: "object" serviceAccount: - description: "Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector." + description: "Select all Pods with the ServiceAccount matched by this field, as\nworkloads in AppliedTo fields.\nCannot be set with any other selector." properties: name: type: "string" @@ -231,34 +235,34 @@ spec: type: "object" type: "array" egress: - description: "Set of egress rules evaluated based on the order in which they are set. Currently Egress rule supports setting the `To` field but not the `From` field within a Rule." + description: "Set of egress rules evaluated based on the order in which they are set.\nCurrently Egress rule supports setting the `To` field but not the `From`\nfield within a Rule." items: - description: "Rule describes the traffic allowed to/from the workloads selected by Spec.AppliedTo. Based on the action specified in the rule, traffic is either allowed or denied which exactly match the specified ports and protocol." + description: "Rule describes the traffic allowed to/from the workloads selected by\nSpec.AppliedTo. Based on the action specified in the rule, traffic is either\nallowed or denied which exactly match the specified ports and protocol." properties: action: description: "Action specifies the action to be applied on the rule." type: "string" appliedTo: - description: "Select workloads on which this rule will be applied to. Cannot be set in conjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo." + description: "Select workloads on which this rule will be applied to. Cannot be set in\nconjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo." items: description: "AppliedTo describes the grouping selector of workloads in AppliedTo field." properties: externalEntitySelector: - description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads\nin AppliedTo fields. If set with NamespaceSelector,\nExternalEntities are matched from Namespaces matched by the\nNamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -270,28 +274,29 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" group: - description: "Group is the name of the ClusterGroup which can be set as an AppliedTo in place of a stand-alone selector. A Group cannot be set with any other selector." + description: "Group is the name of the ClusterGroup which can be set as an\nAppliedTo in place of a stand-alone selector. A Group cannot\nbe set with any other selector." type: "string" namespaceSelector: - description: "Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces." + description: "Select all Pods from Namespaces matched by this selector, as\nworkloads in AppliedTo fields. If set with PodSelector,\nPods are matched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. Cannot be set with Namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -303,25 +308,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" nodeSelector: - description: "Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector." + description: "Select Nodes in cluster as workloads in AppliedTo fields.\nCannot be set with any other selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -333,25 +339,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" podSelector: - description: "Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select Pods from NetworkPolicy's Namespace as workloads in\nAppliedTo fields. If set with NamespaceSelector, Pods are\nmatched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -363,11 +370,12 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" service: - description: "Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector." + description: "Select a certain Service which matches the NamespacedName.\nA Service can only be set in either policy level AppliedTo field in a policy\nthat only has ingress rules or rule level AppliedTo field in an ingress rule.\nOnly a NodePort Service can be referred by this field.\nCannot be set with any other selector." properties: name: type: "string" @@ -375,7 +383,7 @@ spec: type: "string" type: "object" serviceAccount: - description: "Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector." + description: "Select all Pods with the ServiceAccount matched by this field, as\nworkloads in AppliedTo fields.\nCannot be set with any other selector." properties: name: type: "string" @@ -385,29 +393,29 @@ spec: type: "object" type: "array" enableLogging: - description: "EnableLogging is used to indicate if agent should generate logs when rules are matched. Should be default to false." + description: "EnableLogging is used to indicate if agent should generate logs\nwhen rules are matched. Should be default to false." type: "boolean" from: - description: "Rule is matched if traffic originates from workloads selected by this field. If this field is empty, this rule matches all sources." + description: "Rule is matched if traffic originates from workloads selected by\nthis field. If this field is empty, this rule matches all sources." items: description: "NetworkPolicyPeer describes the grouping selector of workloads." properties: externalEntitySelector: - description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads\nin To/From fields. If set with NamespaceSelector,\nExternalEntities are matched from Namespaces matched by the\nNamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -419,40 +427,41 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" fqdn: - description: "Restrict egress access to the Fully Qualified Domain Names prescribed by name or by wildcard match patterns. This field can only be set for NetworkPolicyPeer of egress rules. Supported formats are: Exact FQDNs such as \"google.com\". Wildcard expressions such as \"*wayfair.com\"." + description: "Restrict egress access to the Fully Qualified Domain Names prescribed\nby name or by wildcard match patterns. This field can only be set for\nNetworkPolicyPeer of egress rules.\nSupported formats are:\n Exact FQDNs such as \"google.com\".\n Wildcard expressions such as \"*wayfair.com\"." type: "string" group: - description: "Group is the name of the ClusterGroup which can be set within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector." + description: "Group is the name of the ClusterGroup which can be set within\nan Ingress or Egress rule in place of a stand-alone selector.\nA Group cannot be set with any other selector." type: "string" ipBlock: - description: "IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector." + description: "IPBlock describes the IPAddresses/IPBlocks that is matched in to/from.\nIPBlock cannot be set as part of the AppliedTo field.\nCannot be set with any other selector." properties: cidr: - description: "CIDR is a string representing the IP Block Valid examples are \"192.168.1.1/24\"." + description: "CIDR is a string representing the IP Block\nValid examples are \"192.168.1.1/24\"." type: "string" required: - "cidr" type: "object" namespaceSelector: - description: "Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces." + description: "Select all Pods from Namespaces matched by this selector, as\nworkloads in To/From fields. If set with PodSelector,\nPods are matched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. Cannot be set with Namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -464,37 +473,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector." + description: "Select Pod/ExternalEntity from Namespaces matched by specific criteria.\nCurrent supported criteria is match: Self, which selects from the same\nNamespace of the appliedTo workloads.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. This field can only be set when NetworkPolicyPeer\nis created for ClusterNetworkPolicy ingress/egress rules.\nCannot be set with NamespaceSelector." properties: match: description: "Selects from the same Namespace of the appliedTo workloads." type: "string" sameLabels: - description: "Selects Namespaces that share the same values for the given set of label keys with the appliedTo Namespace. Namespaces must have all the label keys." + description: "Selects Namespaces that share the same values for the given set of label keys\nwith the appliedTo Namespace. Namespaces must have all the label keys." items: type: "string" type: "array" type: "object" nodeSelector: - description: "Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector." + description: "Select certain Nodes which match the label selector.\nA NodeSelector cannot be set with any other selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -506,25 +516,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" podSelector: - description: "Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select Pods from NetworkPolicy's Namespace as workloads in\nTo/From fields. If set with NamespaceSelector, Pods are\nmatched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -536,14 +547,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" scope: - description: "Define scope of the Pod/NamespaceSelector(s) of this peer. Can only be used in ingress NetworkPolicyPeers. Defaults to \"Cluster\"." + description: "Define scope of the Pod/NamespaceSelector(s) of this peer.\nCan only be used in ingress NetworkPolicyPeers.\nDefaults to \"Cluster\"." type: "string" serviceAccount: - description: "Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector." + description: "Select all Pods with the ServiceAccount matched by this field, as\nworkloads in To/From fields.\nCannot be set with any other selector." properties: name: type: "string" @@ -553,24 +565,24 @@ spec: type: "object" type: "array" l7Protocols: - description: "Set of layer 7 protocols matched by the rule. If this field is set, action can only be Allow. When this field is used in a rule, any traffic matching the other layer 3/4 criteria of the rule (typically the 5-tuple) will be forwarded to an application-aware engine for protocol detection and rule enforcement, and the traffic will be allowed if the layer 7 criteria is also matched, otherwise it will be dropped. Therefore, any rules after a layer 7 rule will not be enforced for the traffic." + description: "Set of layer 7 protocols matched by the rule. If this field is set, action can only be Allow.\nWhen this field is used in a rule, any traffic matching the other layer 3/4 criteria of the rule (typically the\n5-tuple) will be forwarded to an application-aware engine for protocol detection and rule enforcement, and the\ntraffic will be allowed if the layer 7 criteria is also matched, otherwise it will be dropped. Therefore, any\nrules after a layer 7 rule will not be enforced for the traffic." items: properties: http: - description: "HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. If all fields are not provided, it matches all HTTP requests." + description: "HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together.\nIf all fields are not provided, it matches all HTTP requests." properties: host: - description: "Host represents the hostname present in the URI or the HTTP Host header to match. It does not contain the port associated with the host." + description: "Host represents the hostname present in the URI or the HTTP Host header to match.\nIt does not contain the port associated with the host." type: "string" method: - description: "Method represents the HTTP method to match. It could be GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS, CONNECT and PATCH." + description: "Method represents the HTTP method to match.\nIt could be GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS, CONNECT and PATCH." type: "string" path: description: "Path represents the URI path to match (Ex. \"/index.html\", \"/admin\")." type: "string" type: "object" tls: - description: "TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this matches all TLS handshake packets." + description: "TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this\nmatches all TLS handshake packets." properties: sni: description: "SNI (Server Name Indication) indicates the server domain name in the TLS/SSL hello message." @@ -582,44 +594,44 @@ spec: description: "LogLabel is a user-defined arbitrary string which will be printed in the NetworkPolicy logs." type: "string" name: - description: "Name describes the intention of this rule. Name should be unique within the policy." + description: "Name describes the intention of this rule.\nName should be unique within the policy." type: "string" ports: - description: "Set of ports and protocols matched by the rule. If this field and Protocols are unset or empty, this rule matches all ports." + description: "Set of ports and protocols matched by the rule. If this field and Protocols\nare unset or empty, this rule matches all ports." items: description: "NetworkPolicyPort describes the port and protocol to match in a rule." properties: endPort: - description: "EndPort defines the end of the port range, inclusive. It can only be specified when a numerical `port` is specified." + description: "EndPort defines the end of the port range, inclusive.\nIt can only be specified when a numerical `port` is specified." format: "int32" type: "integer" port: anyOf: - type: "integer" - type: "string" - description: "The port on the given protocol. This can be either a numerical or named port on a Pod. If this field is not provided, this matches all port names and numbers." + description: "The port on the given protocol. This can be either a numerical\nor named port on a Pod. If this field is not provided, this\nmatches all port names and numbers." x-kubernetes-int-or-string: true protocol: default: "TCP" - description: "The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP." + description: "The protocol (TCP, UDP, or SCTP) which traffic must match.\nIf not specified, this field defaults to TCP." type: "string" sourceEndPort: - description: "SourceEndPort defines the end of the source port range, inclusive. It can only be specified when `sourcePort` is specified." + description: "SourceEndPort defines the end of the source port range, inclusive.\nIt can only be specified when `sourcePort` is specified." format: "int32" type: "integer" sourcePort: - description: "The source port on the given protocol. This can only be a numerical port. If this field is not provided, rule matches all source ports." + description: "The source port on the given protocol. This can only be a numerical port.\nIf this field is not provided, rule matches all source ports." format: "int32" type: "integer" type: "object" type: "array" protocols: - description: "Set of protocols matched by the rule. If this field and Ports are unset or empty, this rule matches all protocols supported." + description: "Set of protocols matched by the rule. If this field and Ports are unset or\nempty, this rule matches all protocols supported." items: - description: "NetworkPolicyProtocol defines additional protocols that are not supported by `ports`. All fields should be used as a standalone field." + description: "NetworkPolicyProtocol defines additional protocols that are not supported by\n`ports`. All fields should be used as a standalone field." properties: icmp: - description: "ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All fields could be used alone or together. If all fields are not provided, this matches all ICMP traffic." + description: "ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All\nfields could be used alone or together. If all fields are not provided, this\nmatches all ICMP traffic." properties: icmpCode: format: "int32" @@ -629,7 +641,7 @@ spec: type: "integer" type: "object" igmp: - description: "IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must be filled with: IGMPQuery int32 = 0x11 IGMPReportV1 int32 = 0x12 IGMPReportV2 int32 = 0x16 IGMPReportV3 int32 = 0x22 If groupAddress is empty, all groupAddresses will be matched." + description: "IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must\nbe filled with:\nIGMPQuery int32 = 0x11\nIGMPReportV1 int32 = 0x12\nIGMPReportV2 int32 = 0x16\nIGMPReportV3 int32 = 0x22\nIf groupAddress is empty, all groupAddresses will be matched." properties: groupAddress: type: "string" @@ -640,26 +652,26 @@ spec: type: "object" type: "array" to: - description: "Rule is matched if traffic is intended for workloads selected by this field. This field can't be used with ToServices. If this field and ToServices are both empty or missing this rule matches all destinations." + description: "Rule is matched if traffic is intended for workloads selected by\nthis field. This field can't be used with ToServices. If this field\nand ToServices are both empty or missing this rule matches all destinations." items: description: "NetworkPolicyPeer describes the grouping selector of workloads." properties: externalEntitySelector: - description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads\nin To/From fields. If set with NamespaceSelector,\nExternalEntities are matched from Namespaces matched by the\nNamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -671,40 +683,41 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" fqdn: - description: "Restrict egress access to the Fully Qualified Domain Names prescribed by name or by wildcard match patterns. This field can only be set for NetworkPolicyPeer of egress rules. Supported formats are: Exact FQDNs such as \"google.com\". Wildcard expressions such as \"*wayfair.com\"." + description: "Restrict egress access to the Fully Qualified Domain Names prescribed\nby name or by wildcard match patterns. This field can only be set for\nNetworkPolicyPeer of egress rules.\nSupported formats are:\n Exact FQDNs such as \"google.com\".\n Wildcard expressions such as \"*wayfair.com\"." type: "string" group: - description: "Group is the name of the ClusterGroup which can be set within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector." + description: "Group is the name of the ClusterGroup which can be set within\nan Ingress or Egress rule in place of a stand-alone selector.\nA Group cannot be set with any other selector." type: "string" ipBlock: - description: "IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector." + description: "IPBlock describes the IPAddresses/IPBlocks that is matched in to/from.\nIPBlock cannot be set as part of the AppliedTo field.\nCannot be set with any other selector." properties: cidr: - description: "CIDR is a string representing the IP Block Valid examples are \"192.168.1.1/24\"." + description: "CIDR is a string representing the IP Block\nValid examples are \"192.168.1.1/24\"." type: "string" required: - "cidr" type: "object" namespaceSelector: - description: "Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces." + description: "Select all Pods from Namespaces matched by this selector, as\nworkloads in To/From fields. If set with PodSelector,\nPods are matched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. Cannot be set with Namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -716,37 +729,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector." + description: "Select Pod/ExternalEntity from Namespaces matched by specific criteria.\nCurrent supported criteria is match: Self, which selects from the same\nNamespace of the appliedTo workloads.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. This field can only be set when NetworkPolicyPeer\nis created for ClusterNetworkPolicy ingress/egress rules.\nCannot be set with NamespaceSelector." properties: match: description: "Selects from the same Namespace of the appliedTo workloads." type: "string" sameLabels: - description: "Selects Namespaces that share the same values for the given set of label keys with the appliedTo Namespace. Namespaces must have all the label keys." + description: "Selects Namespaces that share the same values for the given set of label keys\nwith the appliedTo Namespace. Namespaces must have all the label keys." items: type: "string" type: "array" type: "object" nodeSelector: - description: "Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector." + description: "Select certain Nodes which match the label selector.\nA NodeSelector cannot be set with any other selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -758,25 +772,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" podSelector: - description: "Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select Pods from NetworkPolicy's Namespace as workloads in\nTo/From fields. If set with NamespaceSelector, Pods are\nmatched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -788,14 +803,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" scope: - description: "Define scope of the Pod/NamespaceSelector(s) of this peer. Can only be used in ingress NetworkPolicyPeers. Defaults to \"Cluster\"." + description: "Define scope of the Pod/NamespaceSelector(s) of this peer.\nCan only be used in ingress NetworkPolicyPeers.\nDefaults to \"Cluster\"." type: "string" serviceAccount: - description: "Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector." + description: "Select all Pods with the ServiceAccount matched by this field, as\nworkloads in To/From fields.\nCannot be set with any other selector." properties: name: type: "string" @@ -805,9 +821,9 @@ spec: type: "object" type: "array" toServices: - description: "Rule is matched if traffic is intended for a Service listed in this field. Currently, only ClusterIP types Services are supported in this field. When scope is set to ClusterSet, it matches traffic intended for a multi-cluster Service listed in this field. Service name and Namespace provided should match the original exported Service. This field can only be used when AntreaProxy is enabled. This field can't be used with To or Ports. If this field and To are both empty or missing, this rule matches all destinations." + description: "Rule is matched if traffic is intended for a Service listed in this field.\nCurrently, only ClusterIP types Services are supported in this field.\nWhen scope is set to ClusterSet, it matches traffic intended for a multi-cluster\nService listed in this field. Service name and Namespace provided should match\nthe original exported Service.\nThis field can only be used when AntreaProxy is enabled. This field can't be used\nwith To or Ports. If this field and To are both empty or missing, this rule matches\nall destinations." items: - description: "PeerService refers to a Service, which can be a in-cluster Service or imported multi-cluster service." + description: "PeerService refers to a Service, which can be a in-cluster Service or\nimported multi-cluster service." properties: name: type: "string" @@ -822,34 +838,34 @@ spec: type: "object" type: "array" ingress: - description: "Set of ingress rules evaluated based on the order in which they are set. Currently Ingress rule supports setting the `From` field but not the `To` field within a Rule." + description: "Set of ingress rules evaluated based on the order in which they are set.\nCurrently Ingress rule supports setting the `From` field but not the `To`\nfield within a Rule." items: - description: "Rule describes the traffic allowed to/from the workloads selected by Spec.AppliedTo. Based on the action specified in the rule, traffic is either allowed or denied which exactly match the specified ports and protocol." + description: "Rule describes the traffic allowed to/from the workloads selected by\nSpec.AppliedTo. Based on the action specified in the rule, traffic is either\nallowed or denied which exactly match the specified ports and protocol." properties: action: description: "Action specifies the action to be applied on the rule." type: "string" appliedTo: - description: "Select workloads on which this rule will be applied to. Cannot be set in conjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo." + description: "Select workloads on which this rule will be applied to. Cannot be set in\nconjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo." items: description: "AppliedTo describes the grouping selector of workloads in AppliedTo field." properties: externalEntitySelector: - description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads\nin AppliedTo fields. If set with NamespaceSelector,\nExternalEntities are matched from Namespaces matched by the\nNamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -861,28 +877,29 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" group: - description: "Group is the name of the ClusterGroup which can be set as an AppliedTo in place of a stand-alone selector. A Group cannot be set with any other selector." + description: "Group is the name of the ClusterGroup which can be set as an\nAppliedTo in place of a stand-alone selector. A Group cannot\nbe set with any other selector." type: "string" namespaceSelector: - description: "Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces." + description: "Select all Pods from Namespaces matched by this selector, as\nworkloads in AppliedTo fields. If set with PodSelector,\nPods are matched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. Cannot be set with Namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -894,25 +911,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" nodeSelector: - description: "Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector." + description: "Select Nodes in cluster as workloads in AppliedTo fields.\nCannot be set with any other selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -924,25 +942,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" podSelector: - description: "Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select Pods from NetworkPolicy's Namespace as workloads in\nAppliedTo fields. If set with NamespaceSelector, Pods are\nmatched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -954,11 +973,12 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" service: - description: "Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector." + description: "Select a certain Service which matches the NamespacedName.\nA Service can only be set in either policy level AppliedTo field in a policy\nthat only has ingress rules or rule level AppliedTo field in an ingress rule.\nOnly a NodePort Service can be referred by this field.\nCannot be set with any other selector." properties: name: type: "string" @@ -966,7 +986,7 @@ spec: type: "string" type: "object" serviceAccount: - description: "Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector." + description: "Select all Pods with the ServiceAccount matched by this field, as\nworkloads in AppliedTo fields.\nCannot be set with any other selector." properties: name: type: "string" @@ -976,29 +996,29 @@ spec: type: "object" type: "array" enableLogging: - description: "EnableLogging is used to indicate if agent should generate logs when rules are matched. Should be default to false." + description: "EnableLogging is used to indicate if agent should generate logs\nwhen rules are matched. Should be default to false." type: "boolean" from: - description: "Rule is matched if traffic originates from workloads selected by this field. If this field is empty, this rule matches all sources." + description: "Rule is matched if traffic originates from workloads selected by\nthis field. If this field is empty, this rule matches all sources." items: description: "NetworkPolicyPeer describes the grouping selector of workloads." properties: externalEntitySelector: - description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads\nin To/From fields. If set with NamespaceSelector,\nExternalEntities are matched from Namespaces matched by the\nNamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1010,40 +1030,41 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" fqdn: - description: "Restrict egress access to the Fully Qualified Domain Names prescribed by name or by wildcard match patterns. This field can only be set for NetworkPolicyPeer of egress rules. Supported formats are: Exact FQDNs such as \"google.com\". Wildcard expressions such as \"*wayfair.com\"." + description: "Restrict egress access to the Fully Qualified Domain Names prescribed\nby name or by wildcard match patterns. This field can only be set for\nNetworkPolicyPeer of egress rules.\nSupported formats are:\n Exact FQDNs such as \"google.com\".\n Wildcard expressions such as \"*wayfair.com\"." type: "string" group: - description: "Group is the name of the ClusterGroup which can be set within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector." + description: "Group is the name of the ClusterGroup which can be set within\nan Ingress or Egress rule in place of a stand-alone selector.\nA Group cannot be set with any other selector." type: "string" ipBlock: - description: "IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector." + description: "IPBlock describes the IPAddresses/IPBlocks that is matched in to/from.\nIPBlock cannot be set as part of the AppliedTo field.\nCannot be set with any other selector." properties: cidr: - description: "CIDR is a string representing the IP Block Valid examples are \"192.168.1.1/24\"." + description: "CIDR is a string representing the IP Block\nValid examples are \"192.168.1.1/24\"." type: "string" required: - "cidr" type: "object" namespaceSelector: - description: "Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces." + description: "Select all Pods from Namespaces matched by this selector, as\nworkloads in To/From fields. If set with PodSelector,\nPods are matched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. Cannot be set with Namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1055,37 +1076,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector." + description: "Select Pod/ExternalEntity from Namespaces matched by specific criteria.\nCurrent supported criteria is match: Self, which selects from the same\nNamespace of the appliedTo workloads.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. This field can only be set when NetworkPolicyPeer\nis created for ClusterNetworkPolicy ingress/egress rules.\nCannot be set with NamespaceSelector." properties: match: description: "Selects from the same Namespace of the appliedTo workloads." type: "string" sameLabels: - description: "Selects Namespaces that share the same values for the given set of label keys with the appliedTo Namespace. Namespaces must have all the label keys." + description: "Selects Namespaces that share the same values for the given set of label keys\nwith the appliedTo Namespace. Namespaces must have all the label keys." items: type: "string" type: "array" type: "object" nodeSelector: - description: "Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector." + description: "Select certain Nodes which match the label selector.\nA NodeSelector cannot be set with any other selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1097,25 +1119,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" podSelector: - description: "Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select Pods from NetworkPolicy's Namespace as workloads in\nTo/From fields. If set with NamespaceSelector, Pods are\nmatched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1127,14 +1150,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" scope: - description: "Define scope of the Pod/NamespaceSelector(s) of this peer. Can only be used in ingress NetworkPolicyPeers. Defaults to \"Cluster\"." + description: "Define scope of the Pod/NamespaceSelector(s) of this peer.\nCan only be used in ingress NetworkPolicyPeers.\nDefaults to \"Cluster\"." type: "string" serviceAccount: - description: "Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector." + description: "Select all Pods with the ServiceAccount matched by this field, as\nworkloads in To/From fields.\nCannot be set with any other selector." properties: name: type: "string" @@ -1144,24 +1168,24 @@ spec: type: "object" type: "array" l7Protocols: - description: "Set of layer 7 protocols matched by the rule. If this field is set, action can only be Allow. When this field is used in a rule, any traffic matching the other layer 3/4 criteria of the rule (typically the 5-tuple) will be forwarded to an application-aware engine for protocol detection and rule enforcement, and the traffic will be allowed if the layer 7 criteria is also matched, otherwise it will be dropped. Therefore, any rules after a layer 7 rule will not be enforced for the traffic." + description: "Set of layer 7 protocols matched by the rule. If this field is set, action can only be Allow.\nWhen this field is used in a rule, any traffic matching the other layer 3/4 criteria of the rule (typically the\n5-tuple) will be forwarded to an application-aware engine for protocol detection and rule enforcement, and the\ntraffic will be allowed if the layer 7 criteria is also matched, otherwise it will be dropped. Therefore, any\nrules after a layer 7 rule will not be enforced for the traffic." items: properties: http: - description: "HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. If all fields are not provided, it matches all HTTP requests." + description: "HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together.\nIf all fields are not provided, it matches all HTTP requests." properties: host: - description: "Host represents the hostname present in the URI or the HTTP Host header to match. It does not contain the port associated with the host." + description: "Host represents the hostname present in the URI or the HTTP Host header to match.\nIt does not contain the port associated with the host." type: "string" method: - description: "Method represents the HTTP method to match. It could be GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS, CONNECT and PATCH." + description: "Method represents the HTTP method to match.\nIt could be GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS, CONNECT and PATCH." type: "string" path: description: "Path represents the URI path to match (Ex. \"/index.html\", \"/admin\")." type: "string" type: "object" tls: - description: "TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this matches all TLS handshake packets." + description: "TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this\nmatches all TLS handshake packets." properties: sni: description: "SNI (Server Name Indication) indicates the server domain name in the TLS/SSL hello message." @@ -1173,44 +1197,44 @@ spec: description: "LogLabel is a user-defined arbitrary string which will be printed in the NetworkPolicy logs." type: "string" name: - description: "Name describes the intention of this rule. Name should be unique within the policy." + description: "Name describes the intention of this rule.\nName should be unique within the policy." type: "string" ports: - description: "Set of ports and protocols matched by the rule. If this field and Protocols are unset or empty, this rule matches all ports." + description: "Set of ports and protocols matched by the rule. If this field and Protocols\nare unset or empty, this rule matches all ports." items: description: "NetworkPolicyPort describes the port and protocol to match in a rule." properties: endPort: - description: "EndPort defines the end of the port range, inclusive. It can only be specified when a numerical `port` is specified." + description: "EndPort defines the end of the port range, inclusive.\nIt can only be specified when a numerical `port` is specified." format: "int32" type: "integer" port: anyOf: - type: "integer" - type: "string" - description: "The port on the given protocol. This can be either a numerical or named port on a Pod. If this field is not provided, this matches all port names and numbers." + description: "The port on the given protocol. This can be either a numerical\nor named port on a Pod. If this field is not provided, this\nmatches all port names and numbers." x-kubernetes-int-or-string: true protocol: default: "TCP" - description: "The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP." + description: "The protocol (TCP, UDP, or SCTP) which traffic must match.\nIf not specified, this field defaults to TCP." type: "string" sourceEndPort: - description: "SourceEndPort defines the end of the source port range, inclusive. It can only be specified when `sourcePort` is specified." + description: "SourceEndPort defines the end of the source port range, inclusive.\nIt can only be specified when `sourcePort` is specified." format: "int32" type: "integer" sourcePort: - description: "The source port on the given protocol. This can only be a numerical port. If this field is not provided, rule matches all source ports." + description: "The source port on the given protocol. This can only be a numerical port.\nIf this field is not provided, rule matches all source ports." format: "int32" type: "integer" type: "object" type: "array" protocols: - description: "Set of protocols matched by the rule. If this field and Ports are unset or empty, this rule matches all protocols supported." + description: "Set of protocols matched by the rule. If this field and Ports are unset or\nempty, this rule matches all protocols supported." items: - description: "NetworkPolicyProtocol defines additional protocols that are not supported by `ports`. All fields should be used as a standalone field." + description: "NetworkPolicyProtocol defines additional protocols that are not supported by\n`ports`. All fields should be used as a standalone field." properties: icmp: - description: "ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All fields could be used alone or together. If all fields are not provided, this matches all ICMP traffic." + description: "ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All\nfields could be used alone or together. If all fields are not provided, this\nmatches all ICMP traffic." properties: icmpCode: format: "int32" @@ -1220,7 +1244,7 @@ spec: type: "integer" type: "object" igmp: - description: "IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must be filled with: IGMPQuery int32 = 0x11 IGMPReportV1 int32 = 0x12 IGMPReportV2 int32 = 0x16 IGMPReportV3 int32 = 0x22 If groupAddress is empty, all groupAddresses will be matched." + description: "IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must\nbe filled with:\nIGMPQuery int32 = 0x11\nIGMPReportV1 int32 = 0x12\nIGMPReportV2 int32 = 0x16\nIGMPReportV3 int32 = 0x22\nIf groupAddress is empty, all groupAddresses will be matched." properties: groupAddress: type: "string" @@ -1231,26 +1255,26 @@ spec: type: "object" type: "array" to: - description: "Rule is matched if traffic is intended for workloads selected by this field. This field can't be used with ToServices. If this field and ToServices are both empty or missing this rule matches all destinations." + description: "Rule is matched if traffic is intended for workloads selected by\nthis field. This field can't be used with ToServices. If this field\nand ToServices are both empty or missing this rule matches all destinations." items: description: "NetworkPolicyPeer describes the grouping selector of workloads." properties: externalEntitySelector: - description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select ExternalEntities from NetworkPolicy's Namespace as workloads\nin To/From fields. If set with NamespaceSelector,\nExternalEntities are matched from Namespaces matched by the\nNamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1262,40 +1286,41 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" fqdn: - description: "Restrict egress access to the Fully Qualified Domain Names prescribed by name or by wildcard match patterns. This field can only be set for NetworkPolicyPeer of egress rules. Supported formats are: Exact FQDNs such as \"google.com\". Wildcard expressions such as \"*wayfair.com\"." + description: "Restrict egress access to the Fully Qualified Domain Names prescribed\nby name or by wildcard match patterns. This field can only be set for\nNetworkPolicyPeer of egress rules.\nSupported formats are:\n Exact FQDNs such as \"google.com\".\n Wildcard expressions such as \"*wayfair.com\"." type: "string" group: - description: "Group is the name of the ClusterGroup which can be set within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector." + description: "Group is the name of the ClusterGroup which can be set within\nan Ingress or Egress rule in place of a stand-alone selector.\nA Group cannot be set with any other selector." type: "string" ipBlock: - description: "IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector." + description: "IPBlock describes the IPAddresses/IPBlocks that is matched in to/from.\nIPBlock cannot be set as part of the AppliedTo field.\nCannot be set with any other selector." properties: cidr: - description: "CIDR is a string representing the IP Block Valid examples are \"192.168.1.1/24\"." + description: "CIDR is a string representing the IP Block\nValid examples are \"192.168.1.1/24\"." type: "string" required: - "cidr" type: "object" namespaceSelector: - description: "Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces." + description: "Select all Pods from Namespaces matched by this selector, as\nworkloads in To/From fields. If set with PodSelector,\nPods are matched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. Cannot be set with Namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1307,37 +1332,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector." + description: "Select Pod/ExternalEntity from Namespaces matched by specific criteria.\nCurrent supported criteria is match: Self, which selects from the same\nNamespace of the appliedTo workloads.\nCannot be set with any other selector except PodSelector or\nExternalEntitySelector. This field can only be set when NetworkPolicyPeer\nis created for ClusterNetworkPolicy ingress/egress rules.\nCannot be set with NamespaceSelector." properties: match: description: "Selects from the same Namespace of the appliedTo workloads." type: "string" sameLabels: - description: "Selects Namespaces that share the same values for the given set of label keys with the appliedTo Namespace. Namespaces must have all the label keys." + description: "Selects Namespaces that share the same values for the given set of label keys\nwith the appliedTo Namespace. Namespaces must have all the label keys." items: type: "string" type: "array" type: "object" nodeSelector: - description: "Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector." + description: "Select certain Nodes which match the label selector.\nA NodeSelector cannot be set with any other selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1349,25 +1375,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" podSelector: - description: "Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector." + description: "Select Pods from NetworkPolicy's Namespace as workloads in\nTo/From fields. If set with NamespaceSelector, Pods are\nmatched from Namespaces matched by the NamespaceSelector.\nCannot be set with any other selector except NamespaceSelector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1379,14 +1406,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" scope: - description: "Define scope of the Pod/NamespaceSelector(s) of this peer. Can only be used in ingress NetworkPolicyPeers. Defaults to \"Cluster\"." + description: "Define scope of the Pod/NamespaceSelector(s) of this peer.\nCan only be used in ingress NetworkPolicyPeers.\nDefaults to \"Cluster\"." type: "string" serviceAccount: - description: "Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector." + description: "Select all Pods with the ServiceAccount matched by this field, as\nworkloads in To/From fields.\nCannot be set with any other selector." properties: name: type: "string" @@ -1396,9 +1424,9 @@ spec: type: "object" type: "array" toServices: - description: "Rule is matched if traffic is intended for a Service listed in this field. Currently, only ClusterIP types Services are supported in this field. When scope is set to ClusterSet, it matches traffic intended for a multi-cluster Service listed in this field. Service name and Namespace provided should match the original exported Service. This field can only be used when AntreaProxy is enabled. This field can't be used with To or Ports. If this field and To are both empty or missing, this rule matches all destinations." + description: "Rule is matched if traffic is intended for a Service listed in this field.\nCurrently, only ClusterIP types Services are supported in this field.\nWhen scope is set to ClusterSet, it matches traffic intended for a multi-cluster\nService listed in this field. Service name and Namespace provided should match\nthe original exported Service.\nThis field can only be used when AntreaProxy is enabled. This field can't be used\nwith To or Ports. If this field and To are both empty or missing, this rule matches\nall destinations." items: - description: "PeerService refers to a Service, which can be a in-cluster Service or imported multi-cluster service." + description: "PeerService refers to a Service, which can be a in-cluster Service or\nimported multi-cluster service." properties: name: type: "string" @@ -1413,10 +1441,10 @@ spec: type: "object" type: "array" priority: - description: "Priority specfies the order of the ClusterNetworkPolicy relative to other AntreaClusterNetworkPolicies." + description: "Priority specfies the order of the ClusterNetworkPolicy relative to\nother AntreaClusterNetworkPolicies." type: "number" tier: - description: "Tier specifies the tier to which this ClusterNetworkPolicy belongs to. The ClusterNetworkPolicy order will be determined based on the combination of the Tier's Priority and the ClusterNetworkPolicy's own Priority. If not specified, this policy will be created in the Application Tier right above the K8s NetworkPolicy which resides at the bottom." + description: "Tier specifies the tier to which this ClusterNetworkPolicy belongs to.\nThe ClusterNetworkPolicy order will be determined based on the\ncombination of the Tier's Priority and the ClusterNetworkPolicy's own\nPriority. If not specified, this policy will be created in the Application\nTier right above the K8s NetworkPolicy which resides at the bottom." type: "string" required: - "priority" @@ -1426,10 +1454,10 @@ spec: properties: subsets: items: - description: "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given: \n { Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}], Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}] } \n The resulting set of endpoints can be viewed as: \n a: [ 10.10.1.1:8675, 10.10.2.2:8675 ], b: [ 10.10.1.1:309, 10.10.2.2:309 ]" + description: "EndpointSubset is a group of addresses with a common set of ports. The\nexpanded set of endpoints is the Cartesian product of Addresses x Ports.\nFor example, given:\n\n\n\t{\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t}\n\n\nThe resulting set of endpoints can be viewed as:\n\n\n\ta: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n\tb: [ 10.10.1.1:309, 10.10.2.2:309 ]" properties: addresses: - description: "IP addresses which offer the related ports that are marked as ready. These endpoints should be considered safe for load balancers and clients to utilize." + description: "IP addresses which offer the related ports that are marked as ready. These endpoints\nshould be considered safe for load balancers and clients to utilize." items: description: "EndpointAddress is a tuple that describes single IP address." properties: @@ -1437,7 +1465,7 @@ spec: description: "The Hostname of this endpoint" type: "string" ip: - description: "The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16)." + description: "The IP of this endpoint.\nMay not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10),\nor link-local multicast (224.0.0.0/24 or ff02::/16)." type: "string" nodeName: description: "Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node." @@ -1449,30 +1477,32 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" required: - "ip" type: "object" + x-kubernetes-map-type: "atomic" type: "array" notReadyAddresses: - description: "IP addresses which offer the related ports but are not currently marked as ready because they have not yet finished starting, have recently failed a readiness check, or have recently failed a liveness check." + description: "IP addresses which offer the related ports but are not currently marked as ready\nbecause they have not yet finished starting, have recently failed a readiness check,\nor have recently failed a liveness check." items: description: "EndpointAddress is a tuple that describes single IP address." properties: @@ -1480,7 +1510,7 @@ spec: description: "The Hostname of this endpoint" type: "string" ip: - description: "The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16)." + description: "The IP of this endpoint.\nMay not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10),\nor link-local multicast (224.0.0.0/24 or ff02::/16)." type: "string" nodeName: description: "Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node." @@ -1492,27 +1522,29 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" required: - "ip" type: "object" + x-kubernetes-map-type: "atomic" type: "array" ports: description: "Port numbers available on the related IP addresses." @@ -1520,10 +1552,10 @@ spec: description: "EndpointPort is a tuple that describes a single port." properties: appProtocol: - description: "The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either: \n * Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). \n * Kubernetes-defined prefixed names: * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 \n * Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol." + description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol." type: "string" name: - description: "The name of this port. This must match the 'name' field in the corresponding ServicePort. Must be a DNS_LABEL. Optional only if one port is defined." + description: "The name of this port. This must match the 'name' field in the\ncorresponding ServicePort.\nMust be a DNS_LABEL.\nOptional only if one port is defined." type: "string" port: description: "The port number of the endpoint." @@ -1531,11 +1563,12 @@ spec: type: "integer" protocol: default: "TCP" - description: "The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP." + description: "The IP protocol for this port.\nMust be UDP, TCP, or SCTP.\nDefault is TCP." type: "string" required: - "port" type: "object" + x-kubernetes-map-type: "atomic" type: "array" type: "object" type: "array" @@ -1560,7 +1593,7 @@ spec: type: "object" type: "array" externalNode: - description: "ExternalNode is the opaque identifier of the agent/controller responsible for additional processing or handling of this external entity." + description: "ExternalNode is the opaque identifier of the agent/controller responsible\nfor additional processing or handling of this external entity." type: "string" ports: description: "Ports maintain the list of named ports." @@ -1576,7 +1609,7 @@ spec: type: "integer" protocol: default: "TCP" - description: "The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP." + description: "The protocol (TCP, UDP, or SCTP) which traffic must match.\nIf not specified, this field defaults to TCP." type: "string" type: "object" type: "array" @@ -1593,7 +1626,7 @@ spec: format: "int32" type: "integer" label: - description: "Label is the normalized string of a label identity. The format of normalized label identity is `ns:(?P(.)*)&pod:(?P(.)*)` E.g., `ns:kubernetes.io/metadata.name=kube-system&pod:app=db`" + description: "Label is the normalized string of a label identity.\nThe format of normalized label identity is `ns:(?P(.)*)&pod:(?P(.)*)`\nE.g., `ns:kubernetes.io/metadata.name=kube-system&pod:app=db`" type: "string" type: "object" name: @@ -1613,10 +1646,10 @@ spec: description: "If imported resource is ServiceImport." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -1634,10 +1667,10 @@ spec: description: "ServicePort represents the port on which the service is exposed" properties: appProtocol: - description: "The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and http://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol. Field can be enabled with ServiceAppProtocol feature gate." + description: "The application protocol for this port.\nThis field follows standard Kubernetes label syntax.\nUn-prefixed names are reserved for IANA standard service names (as per\nRFC-6335 and http://www.iana.org/assignments/service-names).\nNon-standard protocols should use prefixed names such as\nmycompany.com/my-custom-protocol.\nField can be enabled with ServiceAppProtocol feature gate." type: "string" name: - description: "The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service." + description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort.\nOptional if only one ServicePort is defined on this service." type: "string" port: description: "The port that will be exposed by this service." @@ -1645,7 +1678,7 @@ spec: type: "integer" protocol: default: "TCP" - description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\". Default is TCP." + description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\".\nDefault is TCP." type: "string" required: - "port" @@ -1653,7 +1686,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" sessionAffinity: - description: "Supports \"ClientIP\" and \"None\". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. Ignored when type is Headless More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + description: "Supports \"ClientIP\" and \"None\". Used to maintain session affinity.\nEnable client IP based session affinity.\nMust be ClientIP or None.\nDefaults to None.\nIgnored when type is Headless\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" type: "string" sessionAffinityConfig: description: "sessionAffinityConfig contains session affinity configuration." @@ -1662,13 +1695,13 @@ spec: description: "clientIP contains the configurations of Client IP based session affinity." properties: timeoutSeconds: - description: "timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == \"ClientIP\". Default value is 10800(for 3 hours)." + description: "timeoutSeconds specifies the seconds of ClientIP type session sticky time.\nThe value must be >0 && <=86400(for 1 day) if ServiceAffinity == \"ClientIP\".\nDefault value is 10800(for 3 hours)." format: "int32" type: "integer" type: "object" type: "object" type: - description: "type defines the type of this service. Must be ClusterSetIP or Headless." + description: "type defines the type of this service.\nMust be ClusterSetIP or Headless." enum: - "ClusterSetIP" - "Headless" @@ -1678,15 +1711,15 @@ spec: - "type" type: "object" status: - description: "status contains information about the exported services that form the multi-cluster service referenced by this ServiceImport." + description: "status contains information about the exported services that form\nthe multi-cluster service referenced by this ServiceImport." properties: clusters: - description: "clusters is the list of exporting clusters from which this service was derived." + description: "clusters is the list of exporting clusters from which this service\nwas derived." items: description: "ClusterStatus contains service configuration mapped to a specific source cluster" properties: cluster: - description: "cluster is the name of the exporting cluster. Must be a valid RFC-1123 DNS label." + description: "cluster is the name of the exporting cluster. Must be a valid RFC-1123 DNS\nlabel." type: "string" required: - "cluster" diff --git a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha2/clusterclaims.yaml b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha2/clusterclaims.yaml index 617bdce60..620940848 100644 --- a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha2/clusterclaims.yaml +++ b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha2/clusterclaims.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "clusterclaims.multicluster.crd.antrea.io" spec: group: "multicluster.crd.antrea.io" @@ -27,10 +27,10 @@ spec: description: "ClusterClaim is the Schema for the clusterclaims API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" diff --git a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha2/clustersets.yaml b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha2/clustersets.yaml index 4ff63d37d..aa6e4a523 100644 --- a/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha2/clustersets.yaml +++ b/crd-catalog/antrea-io/antrea/multicluster.crd.antrea.io/v1alpha2/clustersets.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "clustersets.multicluster.crd.antrea.io" spec: group: "multicluster.crd.antrea.io" @@ -35,10 +35,10 @@ spec: description: "ClusterSet represents a ClusterSet." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -57,17 +57,17 @@ spec: description: "Identify a leader cluster in the ClusterSet." type: "string" secret: - description: "Name of the Secret resource in the member cluster, which stores the token to access the leader cluster's API server." + description: "Name of the Secret resource in the member cluster, which stores\nthe token to access the leader cluster's API server." type: "string" server: - description: "API server endpoint of the leader cluster. E.g. \"https://172.18.0.1:6443\", \"https://example.com:6443\"." + description: "API server endpoint of the leader cluster.\nE.g. \"https://172.18.0.1:6443\", \"https://example.com:6443\"." type: "string" type: "object" maxItems: 1 minItems: 1 type: "array" namespace: - description: "The leader cluster Namespace in which the ClusterSet is defined. Used in a member cluster." + description: "The leader cluster Namespace in which the ClusterSet is defined.\nUsed in a member cluster." type: "string" required: - "clusterID" diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/configconstraints.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/configconstraints.yaml index a894e85c7..cb150ba29 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/configconstraints.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/configconstraints.yaml @@ -44,20 +44,20 @@ spec: description: "ConfigConstraintSpec defines the desired state of ConfigConstraint" properties: cfgSchemaTopLevelName: - description: "Top level key used to get the cue rules to validate the config file. It must exist in 'ConfigSchema' TODO (refactored to ConfigSchemaTopLevelKey)" + description: "Top level key used to get the cue rules to validate the config file. It must exist in 'ConfigSchema'" type: "string" configurationSchema: - description: "List constraints rules for each config parameters. TODO (refactored to ConfigSchema)" + description: "List constraints rules for each config parameters." properties: cue: description: "Enables providers to verify user configurations using the CUE language." type: "string" schema: - description: "Transforms the schema from CUE to json for further OpenAPI validation TODO (refactored to SchemaInJson)" + description: "Transforms the schema from CUE to json for further OpenAPI validation" x-kubernetes-preserve-unknown-fields: true type: "object" downwardAPIOptions: - description: "A set of actions for regenerating local configs. \n It works when: - different engine roles have different config, such as redis primary & secondary - after a role switch, the local config will be regenerated with the help of DownwardActions TODO (refactored to DownwardActions)" + description: "A set of actions for regenerating local configs. \n It works when: - different engine roles have different config, such as redis primary & secondary - after a role switch, the local config will be regenerated with the help of DownwardActions" items: properties: command: @@ -178,7 +178,7 @@ spec: type: "array" x-kubernetes-list-type: "set" reloadOptions: - description: "Specifies the dynamic reload actions supported by the engine. If set, the controller call the scripts defined in the actions for a dynamic parameter upgrade. The actions are called only when the modified parameter is defined in dynamicParameters part && DynamicReloadActions != nil TODO (refactored to DynamicReloadActions)" + description: "Specifies the dynamic reload actions supported by the engine. If set, the controller call the scripts defined in the actions for a dynamic parameter upgrade. The actions are called only when the modified parameter is defined in dynamicParameters part && ReloadOptions != nil" properties: autoTrigger: description: "Used to automatically perform the reload command when conditions are met." @@ -190,8 +190,8 @@ spec: shellTrigger: description: "Used to perform the reload command in shell script." properties: - batchInputTemplate: - description: "When `batchReload` is set to 'True', this parameter allows for the optional specification of the batch input format that is passed into the STDIN of the script. The format should be provided as a Go template string. In the template, the updated parameters' key-value map can be referenced using the dollar sign ('$') variable. Here's an example of an input template: \n ```yaml \n batchInputTemplate: |- \n {{- range $pKey, $pValue := $ }} \n {{ printf \"%s:%s\" $pKey $pValue }} \n {{- end }} \n ``` \n In this example, each updated parameter is iterated over in a sorted order by keys to generate the batch input data as follows: \n ``` \n key1:value1 \n key2:value2 \n key3:value3 \n ``` \n If this parameter is not specified, the default format used for STDIN is as follows: Each updated parameter generates a line that concatenates the parameter's key and value with a equal sign ('='). These lines are then sorted by their keys and inserted accordingly. Here's an example of the batch input data using the default template: \n ``` \n key1=value1 \n key2=value2 \n key3=value3 \n ```" + batchParametersTemplate: + description: "When `batchReload` is set to 'True', this parameter allows for the optional specification of the batch input format that is passed into the STDIN of the script. The format should be provided as a Go template string. In the template, the updated parameters' key-value map can be referenced using the dollar sign ('$') variable. Here's an example of an input template: \n ```yaml \n batchParametersTemplate: |- \n {{- range $pKey, $pValue := $ }} \n {{ printf \"%s:%s\" $pKey $pValue }} \n {{- end }} \n ``` \n In this example, each updated parameter is iterated over in a sorted order by keys to generate the batch input data as follows: \n ``` \n key1:value1 \n key2:value2 \n key3:value3 \n ``` \n If this parameter is not specified, the default format used for STDIN is as follows: Each updated parameter generates a line that concatenates the parameter's key and value with a equal sign ('='). These lines are then sorted by their keys and inserted accordingly. Here's an example of the batch input data using the default template: \n ``` \n key1=value1 \n key2=value2 \n key3=value3 \n ```" type: "string" batchReload: description: "Specifies whether to reconfigure dynamic parameters individually or in a batch. - Set to 'True' to execute the reload action in a batch, incorporating all parameter changes. - Set to 'False' to execute the reload action for each parameter change individually. The default value is 'False'." @@ -292,7 +292,7 @@ spec: - "scriptConfigMapRef" x-kubernetes-list-type: "map" selector: - description: "Used to match labels on the pod to do a dynamic reload TODO (refactored to DynamicReloadSelector)" + description: "Used to match labels on the pod to do a dynamic reload" properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -329,7 +329,7 @@ spec: type: "array" x-kubernetes-list-type: "set" toolsImageSpec: - description: "Tools used by the dynamic reload actions. Usually it is referenced by the 'init container' for 'cp' it to a binary volume. TODO (refactored to ReloadToolsImage)" + description: "Tools used by the dynamic reload actions. Usually it is referenced by the 'init container' for 'cp' it to a binary volume." properties: mountPoint: description: "Represents the point where the scripts file will be mounted." @@ -381,6 +381,6 @@ spec: type: "object" type: "object" served: true - storage: true + storage: false subresources: status: {} diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1beta1/configconstraints.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1beta1/configconstraints.yaml new file mode 100644 index 000000000..0508f7227 --- /dev/null +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1beta1/configconstraints.yaml @@ -0,0 +1,386 @@ +apiVersion: "apiextensions.k8s.io/v1" +kind: "CustomResourceDefinition" +metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.12.1" + labels: + app.kubernetes.io/name: "kubeblocks" + name: "configconstraints.apps.kubeblocks.io" +spec: + group: "apps.kubeblocks.io" + names: + categories: + - "kubeblocks" + kind: "ConfigConstraint" + listKind: "ConfigConstraintList" + plural: "configconstraints" + shortNames: + - "cc" + singular: "configconstraint" + scope: "Cluster" + versions: + - additionalPrinterColumns: + - description: "status phase" + jsonPath: ".status.phase" + name: "PHASE" + type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "AGE" + type: "date" + name: "v1beta1" + schema: + openAPIV3Schema: + description: "ConfigConstraint is the Schema for the configconstraint API" + properties: + apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: "string" + kind: + description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: "string" + metadata: + type: "object" + spec: + description: "ConfigConstraintSpec defines the desired state of ConfigConstraint" + properties: + configSchema: + description: "List constraints rules for each config parameters." + properties: + cue: + description: "Enables providers to verify user configurations using the CUE language." + type: "string" + schemaInJSON: + description: "Transforms the schema from CUE to json for further OpenAPI validation" + x-kubernetes-preserve-unknown-fields: true + type: "object" + configSchemaTopLevelKey: + description: "Top level key used to get the cue rules to validate the config file. It must exist in 'ConfigSchema'" + type: "string" + downwardActions: + description: "A set of actions for regenerating local configs. \n It works when: - different engine roles have different config, such as redis primary & secondary - after a role switch, the local config will be regenerated with the help of DownwardActions" + items: + properties: + command: + description: "The command used to execute for the downward API." + items: + type: "string" + type: "array" + items: + description: "Represents a list of downward API volume files." + items: + description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" + properties: + fieldRef: + description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + mode: + description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + format: "int32" + type: "integer" + path: + description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" + type: "string" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + required: + - "path" + type: "object" + type: "array" + mountPoint: + description: "Specifies the mount point of the scripts file." + maxLength: 128 + type: "string" + name: + description: "Specifies the name of the field. It must be a string of maximum length 63. The name should match the regex pattern `^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$`." + maxLength: 63 + pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" + type: "string" + required: + - "items" + - "mountPoint" + - "name" + type: "object" + type: "array" + dynamicActionCanBeMerged: + description: "Indicates the dynamic reload action and restart action can be merged to a restart action. \n When a batch of parameters updates incur both restart & dynamic reload, it works as: - set to true, the two actions merged to only one restart action - set to false, the two actions cannot be merged, the actions executed in order [dynamic reload, restart]" + type: "boolean" + dynamicParameterSelectedPolicy: + description: "Specifies the policy for selecting the parameters of dynamic reload actions." + enum: + - "all" + - "dynamic" + type: "string" + dynamicParameters: + description: "A list of DynamicParameter. Modifications of dynamic parameters trigger a reload action without process restart." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "set" + dynamicReloadAction: + description: "Specifies the dynamic reload actions supported by the engine. If set, the controller call the scripts defined in the actions for a dynamic parameter upgrade. The actions are called only when the modified parameter is defined in dynamicParameters part && DynamicReloadAction != nil" + properties: + autoTrigger: + description: "Used to automatically perform the reload command when conditions are met." + properties: + processName: + description: "The name of the process." + type: "string" + type: "object" + shellTrigger: + description: "Used to perform the reload command in shell script." + properties: + batchParametersTemplate: + description: "When `batchReload` is set to 'True', this parameter allows for the optional specification of the batch input format that is passed into the STDIN of the script. The format should be provided as a Go template string. In the template, the updated parameters' key-value map can be referenced using the dollar sign ('$') variable. Here's an example of an input template: \n ```yaml \n batchParametersTemplate: |- \n {{- range $pKey, $pValue := $ }} \n {{ printf \"%s:%s\" $pKey $pValue }} \n {{- end }} \n ``` \n In this example, each updated parameter is iterated over in a sorted order by keys to generate the batch input data as follows: \n ``` \n key1:value1 \n key2:value2 \n key3:value3 \n ``` \n If this parameter is not specified, the default format used for STDIN is as follows: Each updated parameter generates a line that concatenates the parameter's key and value with a equal sign ('='). These lines are then sorted by their keys and inserted accordingly. Here's an example of the batch input data using the default template: \n ``` \n key1=value1 \n key2=value2 \n key3=value3 \n ```" + type: "string" + batchReload: + description: "Specifies whether to reconfigure dynamic parameters individually or in a batch. - Set to 'True' to execute the reload action in a batch, incorporating all parameter changes. - Set to 'False' to execute the reload action for each parameter change individually. The default value is 'False'." + type: "boolean" + command: + description: "Specifies the list of commands for reload." + items: + type: "string" + type: "array" + sync: + description: "Specifies whether to synchronize updates parameters to the config manager. Specifies two ways of controller to reload the parameter: - set to 'True', execute the reload action in sync mode, wait for the completion of reload - set to 'False', execute the reload action in async mode, just update the 'Configmap', no need to wait" + type: "boolean" + required: + - "command" + type: "object" + tplScriptTrigger: + description: "Used to perform the reload command by Go template script." + properties: + namespace: + default: "default" + description: "Specifies the namespace where the referenced tpl script ConfigMap in. If left empty, by default in the \"default\" namespace." + maxLength: 63 + pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$" + type: "string" + scriptConfigMapRef: + description: "Specifies the reference to the ConfigMap that contains the script to be executed for reload." + type: "string" + sync: + description: "Specifies whether to synchronize updates parameters to the config manager. Specifies two ways of controller to reload the parameter: - set to 'True', execute the reload action in sync mode, wait for the completion of reload - set to 'False', execute the reload action in async mode, just update the 'Configmap', no need to wait" + type: "boolean" + required: + - "scriptConfigMapRef" + type: "object" + unixSignalTrigger: + description: "Used to trigger a reload by sending a Unix signal to the process." + properties: + processName: + description: "Represents the name of the process that the Unix signal sent to." + type: "string" + signal: + description: "Represents a valid Unix signal. Refer to the following URL for a list of all Unix signals: ../../pkg/configuration/configmap/handler.go:allUnixSignals" + enum: + - "SIGHUP" + - "SIGINT" + - "SIGQUIT" + - "SIGILL" + - "SIGTRAP" + - "SIGABRT" + - "SIGBUS" + - "SIGFPE" + - "SIGKILL" + - "SIGUSR1" + - "SIGSEGV" + - "SIGUSR2" + - "SIGPIPE" + - "SIGALRM" + - "SIGTERM" + - "SIGSTKFLT" + - "SIGCHLD" + - "SIGCONT" + - "SIGSTOP" + - "SIGTSTP" + - "SIGTTIN" + - "SIGTTOU" + - "SIGURG" + - "SIGXCPU" + - "SIGXFSZ" + - "SIGVTALRM" + - "SIGPROF" + - "SIGWINCH" + - "SIGIO" + - "SIGPWR" + - "SIGSYS" + type: "string" + required: + - "processName" + - "signal" + type: "object" + type: "object" + dynamicReloadSelector: + description: "Used to match labels on the pod to do a dynamic reload" + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + formatterConfig: + description: "Describes the format of the config file. The controller works as follows: 1. Parse the config file 2. Get the modified parameters 3. Trigger the corresponding action" + properties: + format: + description: "The config file format. Valid values are `ini`, `xml`, `yaml`, `json`, `hcl`, `dotenv`, `properties` and `toml`. Each format has its own characteristics and use cases. \n - ini: is a text-based content with a structure and syntax comprising key–value pairs for properties, reference wiki: https://en.wikipedia.org/wiki/INI_file - xml: refers to wiki: https://en.wikipedia.org/wiki/XML - yaml: supports for complex data types and structures. - json: refers to wiki: https://en.wikipedia.org/wiki/JSON - hcl: The HashiCorp Configuration Language (HCL) is a configuration language authored by HashiCorp, reference url: https://www.linode.com/docs/guides/introduction-to-hcl/ - dotenv: is a plain text file with simple key–value pairs, reference wiki: https://en.wikipedia.org/wiki/Configuration_file#MS-DOS - properties: a file extension mainly used in Java, reference wiki: https://en.wikipedia.org/wiki/.properties - toml: refers to wiki: https://en.wikipedia.org/wiki/TOML - props-plus: a file extension mainly used in Java, supports CamelCase(e.g: brokerMaxConnectionsPerIp)" + enum: + - "xml" + - "ini" + - "yaml" + - "json" + - "hcl" + - "dotenv" + - "toml" + - "properties" + - "redis" + - "props-plus" + type: "string" + iniConfig: + description: "A pointer to an IniConfig struct that holds the ini options." + properties: + sectionName: + description: "A string that describes the name of the ini section." + type: "string" + type: "object" + required: + - "format" + type: "object" + immutableParameters: + description: "Describes parameters that are prohibited to do any modifications." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "set" + reloadToolsImage: + description: "Tools used by the dynamic reload actions. Usually it is referenced by the 'init container' for 'cp' it to a binary volume." + properties: + mountPoint: + description: "Represents the point where the scripts file will be mounted." + maxLength: 128 + type: "string" + toolConfigs: + description: "Used to configure the initialization container." + items: + properties: + command: + description: "Commands to be executed when init containers." + items: + type: "string" + type: "array" + image: + description: "Represents the url of the tool container image." + type: "string" + name: + description: "Specifies the name of the initContainer." + maxLength: 63 + pattern: "^[a-z]([a-z0-9\\-]*[a-z0-9])?$" + type: "string" + required: + - "command" + type: "object" + type: "array" + required: + - "mountPoint" + type: "object" + scriptConfigs: + description: "A list of ScriptConfig used by the actions defined in dynamic reload and downward actions." + items: + properties: + namespace: + default: "default" + description: "Specifies the namespace where the referenced tpl script ConfigMap in. If left empty, by default in the \"default\" namespace." + maxLength: 63 + pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$" + type: "string" + scriptConfigMapRef: + description: "Specifies the reference to the ConfigMap that contains the script to be executed for reload." + type: "string" + required: + - "scriptConfigMapRef" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "scriptConfigMapRef" + x-kubernetes-list-type: "map" + staticParameters: + description: "A list of StaticParameter. Modifications of static parameters trigger a process restart." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "set" + required: + - "formatterConfig" + type: "object" + status: + properties: + message: + description: "Provides descriptions for abnormal states." + type: "string" + observedGeneration: + description: "Refers to the most recent generation observed for this ConfigConstraint. This value is updated by the API Server." + format: "int64" + type: "integer" + phase: + description: "Specifies the status of the configuration template. When set to CCAvailablePhase, the ConfigConstraint can be referenced by ClusterDefinition or ClusterVersion." + enum: + - "Available" + - "Unavailable" + - "Deleting" + type: "string" + type: "object" + type: "object" + served: true + storage: true + subresources: + status: {} diff --git a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/applicationsets.yaml b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/applicationsets.yaml index 9f36fd8e0..b94c4a66d 100644 --- a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/applicationsets.yaml +++ b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/applicationsets.yaml @@ -2370,8 +2370,6 @@ spec: - "metadata" - "spec" type: "object" - required: - - "elements" type: "object" matrix: properties: @@ -4714,8 +4712,6 @@ spec: - "metadata" - "spec" type: "object" - required: - - "elements" type: "object" matrix: x-kubernetes-preserve-unknown-fields: true @@ -9741,8 +9737,6 @@ spec: - "metadata" - "spec" type: "object" - required: - - "elements" type: "object" matrix: x-kubernetes-preserve-unknown-fields: true diff --git a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformendpoints.yaml b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformendpoints.yaml index 725f1de58..228354c65 100644 --- a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformendpoints.yaml +++ b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformendpoints.yaml @@ -30,6 +30,7 @@ spec: description: "PlatformEndpointSpec defines the desired state of PlatformEndpoint." properties: customUserData: + description: "Arbitrary user data to associate with the endpoint. Amazon SNS does not use\nthis data. The data must be in UTF-8 format and less than 2KB." type: "string" enabled: type: "string" @@ -37,6 +38,7 @@ spec: description: "PlatformApplicationArn returned from CreatePlatformApplication is used to\ncreate a an endpoint." type: "string" token: + description: "Unique identifier created by the notification service for an app on a device.\nThe specific name for Token will vary, depending on which notification service\nis being used. For example, when using APNS as the notification service,\nyou need the device token. Alternatively, when using GCM (Firebase Cloud\nMessaging) or ADM, the device token equivalent is called the registration\nID." type: "string" required: - "platformApplicationARN" diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodeclaims.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodeclaims.yaml index b7d3d7f07..f5b630313 100644 --- a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodeclaims.yaml +++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodeclaims.yaml @@ -114,11 +114,8 @@ spec: type: "integer" kubeReserved: additionalProperties: - anyOf: - - type: "integer" - - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true + type: "string" description: "KubeReserved contains resources reserved for Kubernetes system components." type: "object" x-kubernetes-validations: @@ -138,11 +135,8 @@ spec: type: "integer" systemReserved: additionalProperties: - anyOf: - - type: "integer" - - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true + type: "string" description: "SystemReserved contains resources reserved for OS system daemons and kernel memory." type: "object" x-kubernetes-validations: diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodepools.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodepools.yaml index cc4842282..c77f91580 100644 --- a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodepools.yaml +++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodepools.yaml @@ -194,11 +194,8 @@ spec: type: "integer" kubeReserved: additionalProperties: - anyOf: - - type: "integer" - - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true + type: "string" description: "KubeReserved contains resources reserved for Kubernetes system components." type: "object" x-kubernetes-validations: @@ -218,11 +215,8 @@ spec: type: "integer" systemReserved: additionalProperties: - anyOf: - - type: "integer" - - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true + type: "string" description: "SystemReserved contains resources reserved for OS system daemons and kernel memory." type: "object" x-kubernetes-validations: diff --git a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumclusterwidenetworkpolicies.yaml b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumclusterwidenetworkpolicies.yaml index 7b9b99c76..c26aec69e 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumclusterwidenetworkpolicies.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumclusterwidenetworkpolicies.yaml @@ -120,7 +120,7 @@ spec: pattern: "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\/([0-9]|[1-2][0-9]|3[0-2])$|^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$" type: "string" cidrGroupRef: - description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from." + description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from." maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" @@ -669,7 +669,7 @@ spec: pattern: "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\/([0-9]|[1-2][0-9]|3[0-2])$|^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$" type: "string" cidrGroupRef: - description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from." + description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from." maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" @@ -1031,7 +1031,7 @@ spec: pattern: "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\/([0-9]|[1-2][0-9]|3[0-2])$|^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$" type: "string" cidrGroupRef: - description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from." + description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from." maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" @@ -1505,7 +1505,7 @@ spec: pattern: "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\/([0-9]|[1-2][0-9]|3[0-2])$|^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$" type: "string" cidrGroupRef: - description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from." + description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from." maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" @@ -1890,7 +1890,7 @@ spec: pattern: "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\/([0-9]|[1-2][0-9]|3[0-2])$|^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$" type: "string" cidrGroupRef: - description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from." + description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from." maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" @@ -2439,7 +2439,7 @@ spec: pattern: "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\/([0-9]|[1-2][0-9]|3[0-2])$|^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$" type: "string" cidrGroupRef: - description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from." + description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from." maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" @@ -2801,7 +2801,7 @@ spec: pattern: "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\/([0-9]|[1-2][0-9]|3[0-2])$|^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$" type: "string" cidrGroupRef: - description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from." + description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from." maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" @@ -3275,7 +3275,7 @@ spec: pattern: "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\/([0-9]|[1-2][0-9]|3[0-2])$|^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$" type: "string" cidrGroupRef: - description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from." + description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from." maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" diff --git a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumnetworkpolicies.yaml b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumnetworkpolicies.yaml index 52a8d201c..63c857906 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumnetworkpolicies.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumnetworkpolicies.yaml @@ -125,7 +125,7 @@ spec: pattern: "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\/([0-9]|[1-2][0-9]|3[0-2])$|^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$" type: "string" cidrGroupRef: - description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from." + description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from." maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" @@ -674,7 +674,7 @@ spec: pattern: "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\/([0-9]|[1-2][0-9]|3[0-2])$|^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$" type: "string" cidrGroupRef: - description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from." + description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from." maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" @@ -1036,7 +1036,7 @@ spec: pattern: "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\/([0-9]|[1-2][0-9]|3[0-2])$|^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$" type: "string" cidrGroupRef: - description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from." + description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from." maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" @@ -1510,7 +1510,7 @@ spec: pattern: "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\/([0-9]|[1-2][0-9]|3[0-2])$|^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$" type: "string" cidrGroupRef: - description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from." + description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from." maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" @@ -1895,7 +1895,7 @@ spec: pattern: "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\/([0-9]|[1-2][0-9]|3[0-2])$|^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$" type: "string" cidrGroupRef: - description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from." + description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from." maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" @@ -2444,7 +2444,7 @@ spec: pattern: "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\/([0-9]|[1-2][0-9]|3[0-2])$|^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$" type: "string" cidrGroupRef: - description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from." + description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from." maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" @@ -2806,7 +2806,7 @@ spec: pattern: "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\/([0-9]|[1-2][0-9]|3[0-2])$|^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$" type: "string" cidrGroupRef: - description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from." + description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from." maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" @@ -3280,7 +3280,7 @@ spec: pattern: "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\/([0-9]|[1-2][0-9]|3[0-2])$|^s*((([0-9A-Fa-f]{1,4}:){7}(:|([0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){6}:([0-9A-Fa-f]{1,4})?)|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){0,1}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){0,2}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){0,3}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){0,4}):([0-9A-Fa-f]{1,4})?))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){0,5}):([0-9A-Fa-f]{1,4})?))|(:(:|((:[0-9A-Fa-f]{1,4}){1,7}))))(%.+)?s*/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])$" type: "string" cidrGroupRef: - description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from." + description: "CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from." maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" diff --git a/crd-catalog/crossplane/crossplane/apiextensions.crossplane.io/v1/compositeresourcedefinitions.yaml b/crd-catalog/crossplane/crossplane/apiextensions.crossplane.io/v1/compositeresourcedefinitions.yaml index cd35678b4..0f2b63641 100644 --- a/crd-catalog/crossplane/crossplane/apiextensions.crossplane.io/v1/compositeresourcedefinitions.yaml +++ b/crd-catalog/crossplane/crossplane/apiextensions.crossplane.io/v1/compositeresourcedefinitions.yaml @@ -31,7 +31,7 @@ spec: name: "v1" schema: openAPIV3Schema: - description: "A CompositeResourceDefinition defines a new kind of composite infrastructure\nresource. The new resource is composed of other composite or managed\ninfrastructure resources." + description: "A CompositeResourceDefinition defines the schema for a new custom Kubernetes\nAPI.\n\n\nRead the Crossplane documentation for\n[more information about CustomResourceDefinitions](https://docs.crossplane.io/latest/concepts/composite-resource-definitions)." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" diff --git a/crd-catalog/crossplane/crossplane/apiextensions.crossplane.io/v1/compositionrevisions.yaml b/crd-catalog/crossplane/crossplane/apiextensions.crossplane.io/v1/compositionrevisions.yaml index bd47e991b..28b584f03 100644 --- a/crd-catalog/crossplane/crossplane/apiextensions.crossplane.io/v1/compositionrevisions.yaml +++ b/crd-catalog/crossplane/crossplane/apiextensions.crossplane.io/v1/compositionrevisions.yaml @@ -33,7 +33,7 @@ spec: name: "v1" schema: openAPIV3Schema: - description: "A CompositionRevision represents a revision in time of a Composition.\nRevisions are created by Crossplane; they should be treated as immutable." + description: "A CompositionRevision represents a revision of a Composition. Crossplane\ncreates new revisions when there are changes to the Composition.\n\n\nCrossplane creates and manages CompositionRevisions. Don't directly edit\nCompositionRevisions." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" diff --git a/crd-catalog/crossplane/crossplane/apiextensions.crossplane.io/v1/compositions.yaml b/crd-catalog/crossplane/crossplane/apiextensions.crossplane.io/v1/compositions.yaml index 55e2e25d5..14e1b15ef 100644 --- a/crd-catalog/crossplane/crossplane/apiextensions.crossplane.io/v1/compositions.yaml +++ b/crd-catalog/crossplane/crossplane/apiextensions.crossplane.io/v1/compositions.yaml @@ -30,7 +30,7 @@ spec: name: "v1" schema: openAPIV3Schema: - description: "A Composition specifies how a composite resource should be composed." + description: "A Composition defines a collection of managed resources or functions that\nCrossplane uses to create and manage new composite resources.\n\n\nRead the Crossplane documentation for\n[more information about Compositions](https://docs.crossplane.io/latest/concepts/compositions)." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" diff --git a/crd-catalog/crossplane/crossplane/apiextensions.crossplane.io/v1beta1/compositionrevisions.yaml b/crd-catalog/crossplane/crossplane/apiextensions.crossplane.io/v1beta1/compositionrevisions.yaml index c99f921d7..338824bea 100644 --- a/crd-catalog/crossplane/crossplane/apiextensions.crossplane.io/v1beta1/compositionrevisions.yaml +++ b/crd-catalog/crossplane/crossplane/apiextensions.crossplane.io/v1beta1/compositionrevisions.yaml @@ -33,7 +33,7 @@ spec: name: "v1beta1" schema: openAPIV3Schema: - description: "A CompositionRevision represents a revision in time of a Composition.\nRevisions are created by Crossplane; they should be treated as immutable." + description: "A CompositionRevision represents a revision of a Composition. Crossplane\ncreates new revisions when there are changes to the Composition.\n\n\nCrossplane creates and manages CompositionRevisions. Don't directly edit\nCompositionRevisions." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" diff --git a/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1/configurationrevisions.yaml b/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1/configurationrevisions.yaml index 538840625..84e262bc6 100644 --- a/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1/configurationrevisions.yaml +++ b/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1/configurationrevisions.yaml @@ -41,7 +41,7 @@ spec: name: "v1" schema: openAPIV3Schema: - description: "A ConfigurationRevision that has been added to Crossplane." + description: "A ConfigurationRevision represents a revision of a Configuration. Crossplane\ncreates new revisions when there are changes to a Configuration.\n\n\nCrossplane creates and manages ConfigurationRevision. Don't directly edit\nConfigurationRevisions." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" diff --git a/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1/configurations.yaml b/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1/configurations.yaml index fb5b9e5f1..2bd34e7ba 100644 --- a/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1/configurations.yaml +++ b/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1/configurations.yaml @@ -32,7 +32,7 @@ spec: name: "v1" schema: openAPIV3Schema: - description: "Configuration is the CRD type for a request to add a configuration to Crossplane." + description: "A Configuration installs an OCI compatible Crossplane package, extending\nCrossplane with support for new kinds of CompositeResourceDefinitions and\nCompositions.\n\n\nRead the Crossplane documentation for\n[more information about Configuration packages](https://docs.crossplane.io/latest/concepts/packages)." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" diff --git a/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1/providerrevisions.yaml b/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1/providerrevisions.yaml index a603a973a..65c759b3a 100644 --- a/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1/providerrevisions.yaml +++ b/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1/providerrevisions.yaml @@ -41,7 +41,7 @@ spec: name: "v1" schema: openAPIV3Schema: - description: "A ProviderRevision that has been added to Crossplane." + description: "A ProviderRevision represents a revision of a Provider. Crossplane\ncreates new revisions when there are changes to a Provider.\n\n\nCrossplane creates and manages ProviderRevisions. Don't directly edit\nProviderRevisions." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" diff --git a/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1/providers.yaml b/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1/providers.yaml index 13e2779dd..c5ec398bc 100644 --- a/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1/providers.yaml +++ b/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1/providers.yaml @@ -32,7 +32,7 @@ spec: name: "v1" schema: openAPIV3Schema: - description: "Provider is the CRD type for a request to add a provider to Crossplane." + description: "A Provider installs an OCI compatible Crossplane package, extending\nCrossplane with support for new kinds of managed resources.\n\n\nRead the Crossplane documentation for\n[more information about Providers](https://docs.crossplane.io/latest/concepts/providers)." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" diff --git a/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1alpha1/controllerconfigs.yaml b/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1alpha1/controllerconfigs.yaml index d78375f53..645a36595 100644 --- a/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1alpha1/controllerconfigs.yaml +++ b/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1alpha1/controllerconfigs.yaml @@ -22,7 +22,7 @@ spec: name: "v1alpha1" schema: openAPIV3Schema: - description: "ControllerConfig is the CRD type for a packaged controller configuration.\nDeprecated: This API is replaced by DeploymentRuntimeConfig, and is scheduled\nto be removed in a future release. See the design doc for more details:\nhttps://github.com/crossplane/crossplane/blob/11bbe13ea3604928cc4e24e8d0d18f3f5f7e847c/design/one-pager-package-runtime-config.md" + description: "A ControllerConfig applies settings to controllers like Provider pods.\nDeprecated: Use the\n[DeploymentRuntimeConfig](https://docs.crossplane.io/latest/concepts/providers#runtime-configuration)\ninstead.\n\n\nRead the\n[Package Runtime Configuration](https://github.com/crossplane/crossplane/blob/11bbe13ea3604928cc4e24e8d0d18f3f5f7e847c/design/one-pager-package-runtime-config.md)\ndesign document for more details." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" diff --git a/crd-catalog/crossplane/crossplane/secrets.crossplane.io/v1alpha1/storeconfigs.yaml b/crd-catalog/crossplane/crossplane/secrets.crossplane.io/v1alpha1/storeconfigs.yaml index b2b7b3e22..adea7da03 100644 --- a/crd-catalog/crossplane/crossplane/secrets.crossplane.io/v1alpha1/storeconfigs.yaml +++ b/crd-catalog/crossplane/crossplane/secrets.crossplane.io/v1alpha1/storeconfigs.yaml @@ -29,7 +29,7 @@ spec: name: "v1alpha1" schema: openAPIV3Schema: - description: "A StoreConfig configures how Crossplane controllers should store connection details." + description: "A StoreConfig configures how Crossplane controllers should store connection\ndetails in an external secret store." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" diff --git a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clusterexternalsecrets.yaml b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clusterexternalsecrets.yaml index 4a391da37..b5c133e20 100644 --- a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clusterexternalsecrets.yaml +++ b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clusterexternalsecrets.yaml @@ -430,7 +430,7 @@ spec: type: "object" type: "object" namespaceSelector: - description: "The labels to select by to find the Namespaces to create the ExternalSecrets in." + description: "The labels to select by to find the Namespaces to create the ExternalSecrets in.\nDeprecated: Use NamespaceSelectors instead." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -460,6 +460,40 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + namespaceSelectors: + description: "A list of labels to select by to find the Namespaces to create the ExternalSecrets in. The selectors are ORed." + items: + description: "A label selector is a label query over a set of resources. The result of matchLabels and\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\nlabel selector matches no objects." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" namespaces: description: "Choose namespaces by name. This field is ORed with anything that NamespaceSelector ends up choosing." items: diff --git a/crd-catalog/fluxcd/helm-controller/helm.toolkit.fluxcd.io/v2beta2/helmreleases.yaml b/crd-catalog/fluxcd/helm-controller/helm.toolkit.fluxcd.io/v2beta2/helmreleases.yaml index daa423707..e8f38362e 100644 --- a/crd-catalog/fluxcd/helm-controller/helm.toolkit.fluxcd.io/v2beta2/helmreleases.yaml +++ b/crd-catalog/fluxcd/helm-controller/helm.toolkit.fluxcd.io/v2beta2/helmreleases.yaml @@ -119,6 +119,7 @@ spec: description: "Provider specifies the technology used to sign the OCI Helm chart." enum: - "cosign" + - "notation" type: "string" secretRef: description: "SecretRef specifies the Kubernetes Secret containing the\ntrusted public keys." diff --git a/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanas.yaml b/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanas.yaml index d4d76df0f..d1ecdedab 100644 --- a/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanas.yaml +++ b/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanas.yaml @@ -14,6 +14,9 @@ spec: scope: "Namespaced" versions: - additionalPrinterColumns: + - jsonPath: ".status.version" + name: "Version" + type: "string" - jsonPath: ".status.stage" name: "Stage" type: "string" @@ -3975,6 +3978,8 @@ spec: x-kubernetes-map-type: "atomic" type: "array" type: "object" + version: + type: "string" type: "object" status: properties: @@ -3998,6 +4003,8 @@ spec: type: "string" stageStatus: type: "string" + version: + type: "string" type: "object" type: "object" served: true diff --git a/crd-catalog/gravitational/teleport/resources.teleport.dev/v5/teleportroles.yaml b/crd-catalog/gravitational/teleport/resources.teleport.dev/v5/teleportroles.yaml index f275f0a71..fa53371b6 100644 --- a/crd-catalog/gravitational/teleport/resources.teleport.dev/v5/teleportroles.yaml +++ b/crd-catalog/gravitational/teleport/resources.teleport.dev/v5/teleportroles.yaml @@ -412,14 +412,6 @@ spec: type: "string" type: "object" type: "array" - saml_idp_service_provider_labels: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: "SAMLIdPServiceProviderLabels is a labels map used in RBAC system to allow/deny access to saml_idp_service_provider resource." - type: "object" - saml_idp_service_provider_labels_expression: - description: "SAMLIdPServiceProviderLabelsExpression is a predicate expression used to allow/deny access to saml_idp_service_provider resource." - type: "string" spiffe: description: "SPIFFE is used to allow or deny access to a role holder to generating a SPIFFE SVID." items: @@ -842,14 +834,6 @@ spec: type: "string" type: "object" type: "array" - saml_idp_service_provider_labels: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: "SAMLIdPServiceProviderLabels is a labels map used in RBAC system to allow/deny access to saml_idp_service_provider resource." - type: "object" - saml_idp_service_provider_labels_expression: - description: "SAMLIdPServiceProviderLabelsExpression is a predicate expression used to allow/deny access to saml_idp_service_provider resource." - type: "string" spiffe: description: "SPIFFE is used to allow or deny access to a role holder to generating a SPIFFE SVID." items: diff --git a/crd-catalog/gravitational/teleport/resources.teleport.dev/v6/teleportroles.yaml b/crd-catalog/gravitational/teleport/resources.teleport.dev/v6/teleportroles.yaml index 9d0a4905c..a7ccc3250 100644 --- a/crd-catalog/gravitational/teleport/resources.teleport.dev/v6/teleportroles.yaml +++ b/crd-catalog/gravitational/teleport/resources.teleport.dev/v6/teleportroles.yaml @@ -412,14 +412,6 @@ spec: type: "string" type: "object" type: "array" - saml_idp_service_provider_labels: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: "SAMLIdPServiceProviderLabels is a labels map used in RBAC system to allow/deny access to saml_idp_service_provider resource." - type: "object" - saml_idp_service_provider_labels_expression: - description: "SAMLIdPServiceProviderLabelsExpression is a predicate expression used to allow/deny access to saml_idp_service_provider resource." - type: "string" spiffe: description: "SPIFFE is used to allow or deny access to a role holder to generating a SPIFFE SVID." items: @@ -842,14 +834,6 @@ spec: type: "string" type: "object" type: "array" - saml_idp_service_provider_labels: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: "SAMLIdPServiceProviderLabels is a labels map used in RBAC system to allow/deny access to saml_idp_service_provider resource." - type: "object" - saml_idp_service_provider_labels_expression: - description: "SAMLIdPServiceProviderLabelsExpression is a predicate expression used to allow/deny access to saml_idp_service_provider resource." - type: "string" spiffe: description: "SPIFFE is used to allow or deny access to a role holder to generating a SPIFFE SVID." items: diff --git a/crd-catalog/hazelcast/hazelcast-platform-operator/hazelcast.com/v1alpha1/hazelcasts.yaml b/crd-catalog/hazelcast/hazelcast-platform-operator/hazelcast.com/v1alpha1/hazelcasts.yaml index b02b16aa7..3cb0051b5 100644 --- a/crd-catalog/hazelcast/hazelcast-platform-operator/hazelcast.com/v1alpha1/hazelcasts.yaml +++ b/crd-catalog/hazelcast/hazelcast-platform-operator/hazelcast.com/v1alpha1/hazelcasts.yaml @@ -153,6 +153,7 @@ spec: dataLoadTimeoutSeconds: description: "DataLoadTimeoutSeconds is the timeout duration in seconds for CP members to restore their persisted data from disk" format: "int32" + minimum: 1.0 type: "integer" failOnIndeterminateOperationState: description: "FailOnIndeterminateOperationState indicated whether CP Subsystem operations use at-least-once and at-most-once execution guarantees." @@ -186,11 +187,11 @@ spec: type: "string" type: "object" sessionHeartbeatIntervalSeconds: - description: "SessionHeartbeatIntervalSeconds Interval in seconds for the periodically committed CP session heartbeats. Must be greater than or equal to SessionTTLSeconds." + description: "SessionHeartbeatIntervalSeconds Interval in seconds for the periodically committed CP session heartbeats. Must be smaller than SessionTTLSeconds." format: "int32" type: "integer" sessionTTLSeconds: - description: "SessionTTLSeconds is the duration for a CP session to be kept alive after the last received heartbeat. Must be greater than or equal to SessionTTLSeconds." + description: "SessionTTLSeconds is the duration for a CP session to be kept alive after the last received heartbeat. Must be greater than or equal to SessionHeartbeatIntervalSeconds and smaller than or equal to MissingCpMemberAutoRemovalSeconds." format: "int32" type: "integer" type: "object" diff --git a/crd-catalog/hazelcast/hazelcast-platform-operator/hazelcast.com/v1alpha1/wanreplications.yaml b/crd-catalog/hazelcast/hazelcast-platform-operator/hazelcast.com/v1alpha1/wanreplications.yaml index 126d362b9..5c4e60438 100644 --- a/crd-catalog/hazelcast/hazelcast-platform-operator/hazelcast.com/v1alpha1/wanreplications.yaml +++ b/crd-catalog/hazelcast/hazelcast-platform-operator/hazelcast.com/v1alpha1/wanreplications.yaml @@ -121,6 +121,9 @@ spec: type: "object" minItems: 1 type: "array" + syncConsistencyCheckStrategy: + description: "SyncConsistencyCheckStrategy is the strategy for checking the consistency of data between replicas." + type: "string" targetClusterName: description: "ClusterName is the clusterName field of the target Hazelcast resource." minLength: 1 diff --git a/crd-catalog/istio/istio/telemetry.istio.io/v1/telemetries.yaml b/crd-catalog/istio/istio/telemetry.istio.io/v1/telemetries.yaml new file mode 100644 index 000000000..9062d055e --- /dev/null +++ b/crd-catalog/istio/istio/telemetry.istio.io/v1/telemetries.yaml @@ -0,0 +1,303 @@ +apiVersion: "apiextensions.k8s.io/v1" +kind: "CustomResourceDefinition" +metadata: + annotations: + helm.sh/resource-policy: "keep" + labels: + app: "istio-pilot" + chart: "istio" + heritage: "Tiller" + istio: "telemetry" + release: "istio" + name: "telemetries.telemetry.istio.io" +spec: + group: "telemetry.istio.io" + names: + categories: + - "istio-io" + - "telemetry-istio-io" + kind: "Telemetry" + listKind: "TelemetryList" + plural: "telemetries" + shortNames: + - "telemetry" + singular: "telemetry" + scope: "Namespaced" + versions: + - additionalPrinterColumns: + - description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" + name: "v1" + schema: + openAPIV3Schema: + properties: + spec: + description: "Telemetry configuration for workloads. See more details at: https://istio.io/docs/reference/config/telemetry.html" + properties: + accessLogging: + description: "Optional." + items: + properties: + disabled: + description: "Controls logging." + nullable: true + type: "boolean" + filter: + description: "Optional." + properties: + expression: + description: "CEL expression for selecting when requests/connections should be logged." + type: "string" + type: "object" + match: + description: "Allows tailoring of logging behavior to specific conditions." + properties: + mode: + description: "This determines whether or not to apply the access logging configuration based on the direction of traffic relative to the proxied workload.\n\nValid Options: CLIENT_AND_SERVER, CLIENT, SERVER" + enum: + - "CLIENT_AND_SERVER" + - "CLIENT" + - "SERVER" + type: "string" + type: "object" + providers: + description: "Optional." + items: + properties: + name: + description: "Required." + minLength: 1 + type: "string" + required: + - "name" + type: "object" + type: "array" + type: "object" + type: "array" + metrics: + description: "Optional." + items: + properties: + overrides: + description: "Optional." + items: + properties: + disabled: + description: "Optional." + nullable: true + type: "boolean" + match: + description: "Match allows providing the scope of the override." + oneOf: + - not: + anyOf: + - required: + - "metric" + - required: + - "customMetric" + - required: + - "metric" + - required: + - "customMetric" + properties: + customMetric: + description: "Allows free-form specification of a metric." + minLength: 1 + type: "string" + metric: + description: "One of the well-known [Istio Standard Metrics](https://istio.io/latest/docs/reference/config/metrics/).\n\nValid Options: ALL_METRICS, REQUEST_COUNT, REQUEST_DURATION, REQUEST_SIZE, RESPONSE_SIZE, TCP_OPENED_CONNECTIONS, TCP_CLOSED_CONNECTIONS, TCP_SENT_BYTES, TCP_RECEIVED_BYTES, GRPC_REQUEST_MESSAGES, GRPC_RESPONSE_MESSAGES" + enum: + - "ALL_METRICS" + - "REQUEST_COUNT" + - "REQUEST_DURATION" + - "REQUEST_SIZE" + - "RESPONSE_SIZE" + - "TCP_OPENED_CONNECTIONS" + - "TCP_CLOSED_CONNECTIONS" + - "TCP_SENT_BYTES" + - "TCP_RECEIVED_BYTES" + - "GRPC_REQUEST_MESSAGES" + - "GRPC_RESPONSE_MESSAGES" + type: "string" + mode: + description: "Controls which mode of metrics generation is selected: `CLIENT`, `SERVER`, or `CLIENT_AND_SERVER`.\n\nValid Options: CLIENT_AND_SERVER, CLIENT, SERVER" + enum: + - "CLIENT_AND_SERVER" + - "CLIENT" + - "SERVER" + type: "string" + type: "object" + tagOverrides: + additionalProperties: + properties: + operation: + description: "Operation controls whether or not to update/add a tag, or to remove it.\n\nValid Options: UPSERT, REMOVE" + enum: + - "UPSERT" + - "REMOVE" + type: "string" + value: + description: "Value is only considered if the operation is `UPSERT`." + type: "string" + type: "object" + x-kubernetes-validations: + - message: "value must be set when operation is UPSERT" + rule: "((has(self.operation) ? self.operation : '') == 'UPSERT') ? self.value != '' : true" + - message: "value must not be set when operation is REMOVE" + rule: "((has(self.operation) ? self.operation : '') == 'REMOVE') ? !has(self.value) : true" + description: "Optional." + type: "object" + type: "object" + type: "array" + providers: + description: "Optional." + items: + properties: + name: + description: "Required." + minLength: 1 + type: "string" + required: + - "name" + type: "object" + type: "array" + reportingInterval: + description: "Optional." + type: "string" + type: "object" + type: "array" + selector: + description: "Optional." + properties: + matchLabels: + additionalProperties: + type: "string" + description: "One or more labels that indicate a specific set of pods/VMs on which a policy should be applied." + type: "object" + type: "object" + targetRef: + description: "Optional." + properties: + group: + description: "group is the group of the target resource." + type: "string" + kind: + description: "kind is kind of the target resource." + type: "string" + name: + description: "name is the name of the target resource." + type: "string" + namespace: + description: "namespace is the namespace of the referent." + type: "string" + type: "object" + tracing: + description: "Optional." + items: + properties: + customTags: + additionalProperties: + oneOf: + - not: + anyOf: + - required: + - "literal" + - required: + - "environment" + - required: + - "header" + - required: + - "literal" + - required: + - "environment" + - required: + - "header" + properties: + environment: + description: "Environment adds the value of an environment variable to each span." + properties: + defaultValue: + description: "Optional." + type: "string" + name: + description: "Name of the environment variable from which to extract the tag value." + minLength: 1 + type: "string" + required: + - "name" + type: "object" + header: + description: "RequestHeader adds the value of an header from the request to each span." + properties: + defaultValue: + description: "Optional." + type: "string" + name: + description: "Name of the header from which to extract the tag value." + minLength: 1 + type: "string" + required: + - "name" + type: "object" + literal: + description: "Literal adds the same, hard-coded value to each span." + properties: + value: + description: "The tag value to use." + minLength: 1 + type: "string" + required: + - "value" + type: "object" + type: "object" + description: "Optional." + type: "object" + disableSpanReporting: + description: "Controls span reporting." + nullable: true + type: "boolean" + match: + description: "Allows tailoring of behavior to specific conditions." + properties: + mode: + description: "This determines whether or not to apply the tracing configuration based on the direction of traffic relative to the proxied workload.\n\nValid Options: CLIENT_AND_SERVER, CLIENT, SERVER" + enum: + - "CLIENT_AND_SERVER" + - "CLIENT" + - "SERVER" + type: "string" + type: "object" + providers: + description: "Optional." + items: + properties: + name: + description: "Required." + minLength: 1 + type: "string" + required: + - "name" + type: "object" + type: "array" + randomSamplingPercentage: + description: "Controls the rate at which traffic will be selected for tracing if no prior sampling decision has been made." + maximum: 100.0 + minimum: 0.0 + nullable: true + type: "number" + useRequestIdForTraceSampling: + nullable: true + type: "boolean" + type: "object" + type: "array" + type: "object" + status: + type: "object" + x-kubernetes-preserve-unknown-fields: true + type: "object" + served: true + storage: false + subresources: + status: {} diff --git a/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/cronfederatedhpas.yaml b/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/cronfederatedhpas.yaml index 3af2d0646..886e48a54 100644 --- a/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/cronfederatedhpas.yaml +++ b/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/cronfederatedhpas.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.13.0" name: "cronfederatedhpas.autoscaling.karmada.io" spec: group: "autoscaling.karmada.io" @@ -193,9 +193,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/federatedhpas.yaml b/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/federatedhpas.yaml index e66b88810..e2e41c3ac 100644 --- a/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/federatedhpas.yaml +++ b/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/federatedhpas.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.13.0" name: "federatedhpas.autoscaling.karmada.io" spec: group: "autoscaling.karmada.io" @@ -213,6 +213,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" required: - "name" type: "object" @@ -302,6 +303,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" required: - "name" type: "object" @@ -376,6 +378,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" required: - "name" type: "object" @@ -612,6 +615,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" required: - "name" type: "object" @@ -696,6 +700,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" required: - "name" type: "object" @@ -765,6 +770,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" required: - "name" type: "object" @@ -838,9 +844,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpretercustomizations.yaml b/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpretercustomizations.yaml index 3a9bf0989..981507390 100644 --- a/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpretercustomizations.yaml +++ b/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpretercustomizations.yaml @@ -2,11 +2,13 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.13.0" name: "resourceinterpretercustomizations.config.karmada.io" spec: group: "config.karmada.io" names: + categories: + - "karmada-io" kind: "ResourceInterpreterCustomization" listKind: "ResourceInterpreterCustomizationList" plural: "resourceinterpretercustomizations" @@ -118,9 +120,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpreterwebhookconfigurations.yaml b/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpreterwebhookconfigurations.yaml index 94c2bed37..29f2f5fef 100644 --- a/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpreterwebhookconfigurations.yaml +++ b/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpreterwebhookconfigurations.yaml @@ -2,11 +2,13 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.13.0" name: "resourceinterpreterwebhookconfigurations.config.karmada.io" spec: group: "config.karmada.io" names: + categories: + - "karmada-io" kind: "ResourceInterpreterWebhookConfiguration" listKind: "ResourceInterpreterWebhookConfigurationList" plural: "resourceinterpreterwebhookconfigurations" @@ -118,9 +120,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusteringresses.yaml b/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusteringresses.yaml index d7b579f4f..26d3e97f1 100644 --- a/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusteringresses.yaml +++ b/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusteringresses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.13.0" name: "multiclusteringresses.networking.karmada.io" spec: group: "networking.karmada.io" @@ -52,6 +52,7 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" service: description: "service references a service as a backend. This is a mutually exclusive setting with \"Resource\"." properties: @@ -111,6 +112,7 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" service: description: "service references a service as a backend. This is a mutually exclusive setting with \"Resource\"." properties: @@ -240,9 +242,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusterservices.yaml b/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusterservices.yaml index fd2242239..33f1bc5f4 100644 --- a/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusterservices.yaml +++ b/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusterservices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.13.0" name: "multiclusterservices.networking.karmada.io" spec: group: "networking.karmada.io" @@ -195,9 +195,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusteroverridepolicies.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusteroverridepolicies.yaml index 426c85ffc..73a2a936e 100644 --- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusteroverridepolicies.yaml +++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusteroverridepolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.13.0" name: "clusteroverridepolicies.policy.karmada.io" spec: group: "policy.karmada.io" @@ -259,6 +259,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "overriders" @@ -458,6 +459,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: description: "Name of the target resource. Default is empty, which means selecting all resources." type: "string" @@ -537,6 +539,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "object" required: @@ -544,9 +547,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml index 36624d924..652dcc3dd 100644 --- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml +++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.13.0" name: "clusterpropagationpolicies.policy.karmada.io" spec: group: "policy.karmada.io" @@ -158,6 +158,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" required: - "affinityName" type: "object" @@ -230,6 +231,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" type: "object" clusterTolerations: description: "ClusterTolerations represents the tolerations." @@ -351,6 +353,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" type: "object" weight: description: "Weight expressing the preference to the cluster(s) specified by 'TargetCluster'." @@ -445,6 +448,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: description: "Name of the target resource. Default is empty, which means selecting all resources." type: "string" @@ -469,9 +473,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/federatedresourcequotas.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/federatedresourcequotas.yaml index 897da60fa..8dd0c20d0 100644 --- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/federatedresourcequotas.yaml +++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/federatedresourcequotas.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.13.0" name: "federatedresourcequotas.policy.karmada.io" spec: group: "policy.karmada.io" @@ -124,9 +124,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/overridepolicies.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/overridepolicies.yaml index 9c6839a69..14939589d 100644 --- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/overridepolicies.yaml +++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/overridepolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.13.0" name: "overridepolicies.policy.karmada.io" spec: group: "policy.karmada.io" @@ -259,6 +259,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "overriders" @@ -458,6 +459,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: description: "Name of the target resource. Default is empty, which means selecting all resources." type: "string" @@ -537,6 +539,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "object" required: @@ -544,9 +547,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml index 80d70d410..eb02ee308 100644 --- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml +++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.13.0" name: "propagationpolicies.policy.karmada.io" spec: group: "policy.karmada.io" @@ -158,6 +158,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" required: - "affinityName" type: "object" @@ -230,6 +231,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" type: "object" clusterTolerations: description: "ClusterTolerations represents the tolerations." @@ -351,6 +353,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" type: "object" weight: description: "Weight expressing the preference to the cluster(s) specified by 'TargetCluster'." @@ -445,6 +448,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: description: "Name of the target resource. Default is empty, which means selecting all resources." type: "string" @@ -469,9 +473,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/clusterresourcebindings.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/clusterresourcebindings.yaml index cdbe94908..ca5ef6b48 100644 --- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/clusterresourcebindings.yaml +++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/clusterresourcebindings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.13.0" name: "clusterresourcebindings.work.karmada.io" spec: group: "work.karmada.io" @@ -165,9 +165,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/resourcebindings.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/resourcebindings.yaml index 57b831da8..baba34703 100644 --- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/resourcebindings.yaml +++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/resourcebindings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.13.0" name: "resourcebindings.work.karmada.io" spec: group: "work.karmada.io" @@ -165,9 +165,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml index 9f422c1e7..b355808bd 100644 --- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml +++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.13.0" name: "works.work.karmada.io" spec: group: "work.karmada.io" @@ -161,9 +161,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml index 247c14ce1..8530d3fd7 100644 --- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml +++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.13.0" name: "clusterresourcebindings.work.karmada.io" spec: group: "work.karmada.io" @@ -213,6 +213,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" required: - "affinityName" type: "object" @@ -285,6 +286,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" type: "object" clusterTolerations: description: "ClusterTolerations represents the tolerations." @@ -406,6 +408,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" type: "object" weight: description: "Weight expressing the preference to the cluster(s) specified by 'TargetCluster'." @@ -507,10 +510,12 @@ spec: type: "object" type: "array" type: "object" + x-kubernetes-map-type: "atomic" type: "array" required: - "nodeSelectorTerms" type: "object" + x-kubernetes-map-type: "atomic" nodeSelector: additionalProperties: type: "string" @@ -711,9 +716,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml index 07f1a6bdc..7fb760aeb 100644 --- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml +++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.13.0" name: "resourcebindings.work.karmada.io" spec: group: "work.karmada.io" @@ -213,6 +213,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" required: - "affinityName" type: "object" @@ -285,6 +286,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" type: "object" clusterTolerations: description: "ClusterTolerations represents the tolerations." @@ -406,6 +408,7 @@ spec: description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" type: "object" weight: description: "Weight expressing the preference to the cluster(s) specified by 'TargetCluster'." @@ -507,10 +510,12 @@ spec: type: "object" type: "array" type: "object" + x-kubernetes-map-type: "atomic" type: "array" required: - "nodeSelectorTerms" type: "object" + x-kubernetes-map-type: "atomic" nodeSelector: additionalProperties: type: "string" @@ -711,9 +716,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/clusteroutputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/clusteroutputs.yaml index da75f9fc7..6e36af8e7 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/clusteroutputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/clusteroutputs.yaml @@ -276,6 +276,8 @@ spec: type: "object" type: "object" type: "object" + compression_level: + type: "string" content_type: type: "string" custom_headers: @@ -1566,6 +1568,8 @@ spec: type: "object" type: "object" type: "object" + compression_level: + type: "string" content_type: type: "string" custom_headers: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/outputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/outputs.yaml index e10ab7f50..4a450497d 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/outputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/outputs.yaml @@ -276,6 +276,8 @@ spec: type: "object" type: "object" type: "object" + compression_level: + type: "string" content_type: type: "string" custom_headers: @@ -1566,6 +1568,8 @@ spec: type: "object" type: "object" type: "object" + compression_level: + type: "string" content_type: type: "string" custom_headers: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/clusteroutputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/clusteroutputs.yaml index 77cf1df73..a33b23018 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/clusteroutputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/clusteroutputs.yaml @@ -276,6 +276,8 @@ spec: type: "object" type: "object" type: "object" + compression_level: + type: "string" content_type: type: "string" custom_headers: @@ -1566,6 +1568,8 @@ spec: type: "object" type: "object" type: "object" + compression_level: + type: "string" content_type: type: "string" custom_headers: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/outputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/outputs.yaml index 149f2eb40..08f65538c 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/outputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/outputs.yaml @@ -276,6 +276,8 @@ spec: type: "object" type: "object" type: "object" + compression_level: + type: "string" content_type: type: "string" custom_headers: @@ -1566,6 +1568,8 @@ spec: type: "object" type: "object" type: "object" + compression_level: + type: "string" content_type: type: "string" custom_headers: diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml index a06129257..b5f6d35e9 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml @@ -80,7 +80,7 @@ spec: pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended\n\n\n" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 @@ -1104,7 +1104,7 @@ spec: pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended\n\n\n" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/grpcroutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/grpcroutes.yaml index 92835976d..c69b6d69d 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/grpcroutes.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/grpcroutes.yaml @@ -80,7 +80,7 @@ spec: pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended\n\n\n" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 @@ -779,7 +779,7 @@ spec: pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended\n\n\n" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/tcproutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/tcproutes.yaml index 6b1865c27..692445e72 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/tcproutes.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/tcproutes.yaml @@ -67,7 +67,7 @@ spec: pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended\n\n\n" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 @@ -242,7 +242,7 @@ spec: pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended\n\n\n" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/tlsroutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/tlsroutes.yaml index 8915b7586..f5bc1ada8 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/tlsroutes.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/tlsroutes.yaml @@ -77,7 +77,7 @@ spec: pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended\n\n\n" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 @@ -252,7 +252,7 @@ spec: pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended\n\n\n" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/udproutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/udproutes.yaml index d96e8934f..8741fcc4c 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/udproutes.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/udproutes.yaml @@ -67,7 +67,7 @@ spec: pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended\n\n\n" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 @@ -242,7 +242,7 @@ spec: pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended\n\n\n" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml index 0881cbcec..6f1a21dab 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml @@ -80,7 +80,7 @@ spec: pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended\n\n\n" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 @@ -1104,7 +1104,7 @@ spec: pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended\n\n\n" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 diff --git a/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml b/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml index 27950f296..aefdcb2e6 100644 --- a/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml +++ b/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml @@ -56,6 +56,9 @@ spec: x-kubernetes-validations: - message: "Value is immutable" rule: "self == oldSelf" + managedBy: + description: "ManagedBy is used to indicate the controller or entity that manages a JobSet" + type: "string" network: description: "Network defines the networking options for the jobset." properties: diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/clusterqueues.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/clusterqueues.yaml index 1ac0bdb6c..08fb952b9 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/clusterqueues.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/clusterqueues.yaml @@ -142,7 +142,7 @@ spec: type: "object" queueingStrategy: default: "BestEffortFIFO" - description: "QueueingStrategy indicates the queueing strategy of the workloads\nacross the queues in this ClusterQueue. This field is immutable.\nCurrent Supported Strategies:\n\n\n- StrictFIFO: workloads are ordered strictly by creation time.\nOlder workloads that can't be admitted will block admitting newer\nworkloads even if they fit available quota.\n- BestEffortFIFO: workloads are ordered by creation time,\nhowever older workloads that can't be admitted will not block\nadmitting newer workloads that fit existing quota." + description: "QueueingStrategy indicates the queueing strategy of the workloads\nacross the queues in this ClusterQueue.\nCurrent Supported Strategies:\n\n\n- StrictFIFO: workloads are ordered strictly by creation time.\nOlder workloads that can't be admitted will block admitting newer\nworkloads even if they fit available quota.\n- BestEffortFIFO: workloads are ordered by creation time,\nhowever older workloads that can't be admitted will not block\nadmitting newer workloads that fit existing quota." enum: - "StrictFIFO" - "BestEffortFIFO" diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/localqueues.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/localqueues.yaml index 686e3693d..f1ed3675e 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/localqueues.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/localqueues.yaml @@ -47,7 +47,12 @@ spec: properties: clusterQueue: description: "clusterQueue is a reference to a clusterQueue that backs this localQueue." + maxLength: 253 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" + x-kubernetes-validations: + - message: "field is immutable" + rule: "self == oldSelf" type: "object" status: description: "LocalQueueStatus defines the observed state of LocalQueue" diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml index 9aea616c7..42ba67c34 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml @@ -4565,6 +4565,8 @@ spec: properties: clusterQueue: description: "clusterQueue is the name of the ClusterQueue that admitted this workload." + maxLength: 253 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" podSetAssignments: description: "PodSetAssignments hold the admission results for each of the .spec.podSets entries." diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagemanagers.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagemanagers.yaml index 2e7c12544..1a6f93323 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagemanagers.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagemanagers.yaml @@ -102,6 +102,9 @@ spec: type: "string" uuid: type: "string" + virtualSize: + format: "int64" + type: "integer" type: "object" nullable: true type: "object" diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimages.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimages.yaml index f8ae0fc46..23c7de730 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimages.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimages.yaml @@ -45,6 +45,10 @@ spec: jsonPath: ".status.size" name: "Size" type: "string" + - description: "The virtual size of the image (may be larger than file size)" + jsonPath: ".status.virtualSize" + name: "VirtualSize" + type: "string" - jsonPath: ".metadata.creationTimestamp" name: "Age" type: "date" @@ -113,6 +117,10 @@ spec: type: "integer" uuid: type: "string" + virtualSize: + description: "Virtual size of image, which may be larger than physical size. Will be zero until known (e.g. while a backing image is uploading)" + format: "int64" + type: "integer" type: "object" type: "object" served: true diff --git a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml index e02922f78..34f48cf4a 100644 --- a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml +++ b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml @@ -1761,6 +1761,28 @@ spec: description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" + subnetLabels: + description: "`subnetLabels` allows to define custom labels on subnets and IPs or to enable automatic labelling of recognized subnets in OpenShift." + properties: + customLabels: + description: "`customLabels` allows to customize subnets and IPs labelling, such as to identify cluster-external workloads or web services. If you enable `openShiftAutoDetect`, `customLabels` can override the detected subnets in case they overlap." + items: + description: "SubnetLabel allows to label subnets and IPs, such as to identify cluster-external workloads or web services." + properties: + cidrs: + description: "List of CIDRs, such as `[\"1.2.3.4/32\"]`." + items: + type: "string" + type: "array" + name: + description: "Label name, used to flag matching flows." + type: "string" + type: "object" + type: "array" + openShiftAutoDetect: + description: "`openShiftAutoDetect` allows, when set to `true`, to detect automatically the machines, pods and services subnets based on the OpenShift install configuration and the Cluster Network Operator configuration." + type: "boolean" + type: "object" type: "object" type: "object" status: diff --git a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml index 4dd7204e1..98ee37caf 100644 --- a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml +++ b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml @@ -1875,7 +1875,7 @@ spec: description: "Name of an existing LokiStack resource to use." type: "string" namespace: - description: "Namespace where this `LokiStack` resource is located. If omited, it is assumed to be the same as `spec.namespace`." + description: "Namespace where this `LokiStack` resource is located. If omitted, it is assumed to be the same as `spec.namespace`." type: "string" type: "object" manual: @@ -3148,6 +3148,28 @@ spec: description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" + subnetLabels: + description: "`SubnetLabels` allows to define custom labels on subnets and IPs or to enable automatic labelling of recognized subnets in OpenShift." + properties: + customLabels: + description: "`customLabels` allows to customize subnets and IPs labelling, such as to identify cluster-external workloads or web services. If you enable `openShiftAutoDetect`, `customLabels` can override the detected subnets in case they overlap." + items: + description: "SubnetLabel allows to label subnets and IPs, such as to identify cluster-external workloads or web services." + properties: + cidrs: + description: "List of CIDRs, such as `[\"1.2.3.4/32\"]`." + items: + type: "string" + type: "array" + name: + description: "Label name, used to flag matching flows." + type: "string" + type: "object" + type: "array" + openShiftAutoDetect: + description: "`openShiftAutoDetect` allows, when set to `true`, to detect automatically the machines, pods and services subnets based on the OpenShift install configuration and the Cluster Network Operator configuration." + type: "boolean" + type: "object" type: "object" type: "object" status: diff --git a/crd-catalog/open-policy-agent/gatekeeper/config.gatekeeper.sh/v1alpha1/configs.yaml b/crd-catalog/open-policy-agent/gatekeeper/config.gatekeeper.sh/v1alpha1/configs.yaml index 3a597b43b..84e117274 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/config.gatekeeper.sh/v1alpha1/configs.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/config.gatekeeper.sh/v1alpha1/configs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.14.0" labels: gatekeeper.sh/system: "yes" name: "configs.config.gatekeeper.sh" @@ -22,10 +22,10 @@ spec: description: "Config is the Schema for the configs API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -38,8 +38,8 @@ spec: properties: excludedNamespaces: items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" processes: diff --git a/crd-catalog/open-policy-agent/gatekeeper/expansion.gatekeeper.sh/v1alpha1/expansiontemplate.yaml b/crd-catalog/open-policy-agent/gatekeeper/expansion.gatekeeper.sh/v1alpha1/expansiontemplate.yaml index a8a342633..f23afe1c3 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/expansion.gatekeeper.sh/v1alpha1/expansiontemplate.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/expansion.gatekeeper.sh/v1alpha1/expansiontemplate.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.14.0" labels: gatekeeper.sh/system: "yes" name: "expansiontemplate.expansion.gatekeeper.sh" @@ -22,10 +22,10 @@ spec: description: "ExpansionTemplate is the Schema for the ExpansionTemplate API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: properties: @@ -37,9 +37,9 @@ spec: description: "ExpansionTemplateSpec defines the desired state of ExpansionTemplate." properties: applyTo: - description: "ApplyTo lists the specific groups, versions and kinds of generator resources which will be expanded." + description: "ApplyTo lists the specific groups, versions and kinds of generator resources\nwhich will be expanded." items: - description: "ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed." + description: "ApplyTo determines what GVKs items the mutation should apply to.\nGlobs are not allowed." properties: groups: items: @@ -56,10 +56,10 @@ spec: type: "object" type: "array" enforcementAction: - description: "EnforcementAction specifies the enforcement action to be used for resources matching the ExpansionTemplate. Specifying an empty value will use the enforcement action specified by the Constraint in violation." + description: "EnforcementAction specifies the enforcement action to be used for resources\nmatching the ExpansionTemplate. Specifying an empty value will use the\nenforcement action specified by the Constraint in violation." type: "string" generatedGVK: - description: "GeneratedGVK specifies the GVK of the resources which the generator resource creates." + description: "GeneratedGVK specifies the GVK of the resources which the generator\nresource creates." properties: group: type: "string" @@ -69,7 +69,7 @@ spec: type: "string" type: "object" templateSource: - description: "TemplateSource specifies the source field on the generator resource to use as the base for expanded resource. For Pod-creating generators, this is usually spec.template" + description: "TemplateSource specifies the source field on the generator resource to\nuse as the base for expanded resource. For Pod-creating generators, this\nis usually spec.template" type: "string" type: "object" status: @@ -101,7 +101,7 @@ spec: type: "string" type: "array" templateUID: - description: "UID is a type that holds unique ID values, including UUIDs. Because we don't ONLY use UUIDs, this is an alias to string. Being a type captures intent and helps make sure that UIDs and names do not get conflated." + description: "UID is a type that holds unique ID values, including UUIDs. Because we\ndon't ONLY use UUIDs, this is an alias to string. Being a type captures\nintent and helps make sure that UIDs and names do not get conflated." type: "string" type: "object" type: "array" diff --git a/crd-catalog/open-policy-agent/gatekeeper/expansion.gatekeeper.sh/v1beta1/expansiontemplate.yaml b/crd-catalog/open-policy-agent/gatekeeper/expansion.gatekeeper.sh/v1beta1/expansiontemplate.yaml index 28270ca31..97cc299ba 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/expansion.gatekeeper.sh/v1beta1/expansiontemplate.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/expansion.gatekeeper.sh/v1beta1/expansiontemplate.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.14.0" labels: gatekeeper.sh/system: "yes" name: "expansiontemplate.expansion.gatekeeper.sh" @@ -22,10 +22,10 @@ spec: description: "ExpansionTemplate is the Schema for the ExpansionTemplate API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -33,9 +33,9 @@ spec: description: "ExpansionTemplateSpec defines the desired state of ExpansionTemplate." properties: applyTo: - description: "ApplyTo lists the specific groups, versions and kinds of generator resources which will be expanded." + description: "ApplyTo lists the specific groups, versions and kinds of generator resources\nwhich will be expanded." items: - description: "ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed." + description: "ApplyTo determines what GVKs items the mutation should apply to.\nGlobs are not allowed." properties: groups: items: @@ -52,10 +52,10 @@ spec: type: "object" type: "array" enforcementAction: - description: "EnforcementAction specifies the enforcement action to be used for resources matching the ExpansionTemplate. Specifying an empty value will use the enforcement action specified by the Constraint in violation." + description: "EnforcementAction specifies the enforcement action to be used for resources\nmatching the ExpansionTemplate. Specifying an empty value will use the\nenforcement action specified by the Constraint in violation." type: "string" generatedGVK: - description: "GeneratedGVK specifies the GVK of the resources which the generator resource creates." + description: "GeneratedGVK specifies the GVK of the resources which the generator\nresource creates." properties: group: type: "string" @@ -65,7 +65,7 @@ spec: type: "string" type: "object" templateSource: - description: "TemplateSource specifies the source field on the generator resource to use as the base for expanded resource. For Pod-creating generators, this is usually spec.template" + description: "TemplateSource specifies the source field on the generator resource to\nuse as the base for expanded resource. For Pod-creating generators, this\nis usually spec.template" type: "string" type: "object" status: @@ -97,7 +97,7 @@ spec: type: "string" type: "array" templateUID: - description: "UID is a type that holds unique ID values, including UUIDs. Because we don't ONLY use UUIDs, this is an alias to string. Being a type captures intent and helps make sure that UIDs and names do not get conflated." + description: "UID is a type that holds unique ID values, including UUIDs. Because we\ndon't ONLY use UUIDs, this is an alias to string. Being a type captures\nintent and helps make sure that UIDs and names do not get conflated." type: "string" type: "object" type: "array" diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/assign.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/assign.yaml index 367716ead..d89516559 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/assign.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/assign.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.14.0" labels: gatekeeper.sh/system: "yes" name: "assign.mutations.gatekeeper.sh" @@ -22,10 +22,10 @@ spec: description: "Assign is the Schema for the assign API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: properties: @@ -37,9 +37,9 @@ spec: description: "AssignSpec defines the desired state of Assign." properties: applyTo: - description: "ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. This is necessary because every mutation implies part of an object schema and object schemas are associated with specific GVKs." + description: "ApplyTo lists the specific groups, versions and kinds a mutation will be applied to.\nThis is necessary because every mutation implies part of an object schema and object\nschemas are associated with specific GVKs." items: - description: "ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed." + description: "ApplyTo determines what GVKs items the mutation should apply to.\nGlobs are not allowed." properties: groups: items: @@ -59,21 +59,21 @@ spec: description: "Location describes the path to be mutated, for example: `spec.containers[name: main]`." type: "string" match: - description: "Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything." + description: "Match allows the user to limit which resources get mutated.\nIndividual match criteria are AND-ed together. An undefined\nmatch criteria matches everything." properties: excludedNamespaces: - description: "ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "ExcludedNamespaces is a list of namespace names. If defined, a\nconstraint only applies to resources not in a listed namespace.\nExcludedNamespaces also supports a prefix or suffix based glob. For example,\n`excludedNamespaces: [kube-*]` matches both `kube-system` and\n`kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and\n`gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" kinds: items: - description: "Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope." + description: "Kinds accepts a list of objects with apiGroups and kinds fields\nthat list the groups/kinds of objects to which the mutation will apply.\nIf multiple groups/kinds objects are specified,\nonly one match is needed for the resource to be in scope." properties: apiGroups: - description: "APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required." + description: "APIGroups is the API groups the resources belong to. '*' is all groups.\nIf '*' is present, the length of the slice must be one.\nRequired." items: type: "string" type: "array" @@ -84,21 +84,21 @@ spec: type: "object" type: "array" labelSelector: - description: "LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector." + description: "LabelSelector is the combination of two optional fields: `matchLabels`\nand `matchExpressions`. These two fields provide different methods of\nselecting or excluding k8s objects based on the label keys and values\nincluded in object metadata. All selection expressions from both\nsections are ANDed to determine if an object meets the cumulative\nrequirements of the selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -110,29 +110,30 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "Name is the name of an object. If defined, it will match against objects with the specified\nname. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match\nboth `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" namespaceSelector: - description: "NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace." + description: "NamespaceSelector is a label selector against an object's containing\nnamespace or the object itself, if the object is a namespace." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -144,21 +145,22 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "Namespaces is a list of namespace names. If defined, a constraint only\napplies to resources in a listed namespace. Namespaces also supports a\nprefix or suffix based glob. For example, `namespaces: [kube-*]` matches both\n`kube-system` and `kube-public`, and `namespaces: [*-system]` matches both\n`kube-system` and `gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" scope: - description: "Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" + description: "Scope determines if cluster-scoped and/or namespaced-scoped resources\nare matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" type: "string" source: - description: "Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources." + description: "Source determines whether generated or original resources are matched.\nAccepts `Generated`|`Original`|`All` (defaults to `All`). A value of\n`Generated` will only match generated resources, while `Original` will only\nmatch regular resources." enum: - "All" - "Generated" @@ -176,17 +178,17 @@ spec: properties: dataSource: default: "ValueAtLocation" - description: "DataSource specifies where to extract the data that will be sent to the external data provider as parameters." + description: "DataSource specifies where to extract the data that will be sent\nto the external data provider as parameters." enum: - "ValueAtLocation" - "Username" type: "string" default: - description: "Default specifies the default value to use when the external data provider returns an error and the failure policy is set to \"UseDefault\"." + description: "Default specifies the default value to use when the external data\nprovider returns an error and the failure policy is set to \"UseDefault\"." type: "string" failurePolicy: default: "Fail" - description: "FailurePolicy specifies the policy to apply when the external data provider returns an error." + description: "FailurePolicy specifies the policy to apply when the external data\nprovider returns an error." enum: - "UseDefault" - "Ignore" @@ -209,7 +211,7 @@ spec: type: "object" pathTests: items: - description: "PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. \n Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate." + description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." properties: condition: description: "Condition describes whether the path either MustExist or MustNotExist in the original object" @@ -239,7 +241,7 @@ spec: message: type: "string" type: - description: "Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type." + description: "Type indicates a specific class of error for use by controller code.\nIf not present, the error should be treated as not matching any known type." type: "string" required: - "message" @@ -248,7 +250,7 @@ spec: id: type: "string" mutatorUID: - description: "Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch" + description: "Storing the mutator UID allows us to detect drift, such as\nwhen a mutator has been recreated after its CRD was deleted\nout from under it, interrupting the watch" type: "string" observedGeneration: format: "int64" diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/assignmetadata.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/assignmetadata.yaml index bfb35b156..8eb009e25 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/assignmetadata.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/assignmetadata.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.14.0" labels: gatekeeper.sh/system: "yes" name: "assignmetadata.mutations.gatekeeper.sh" @@ -22,10 +22,10 @@ spec: description: "AssignMetadata is the Schema for the assignmetadata API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: properties: @@ -42,18 +42,18 @@ spec: description: "Match selects which objects are in scope." properties: excludedNamespaces: - description: "ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "ExcludedNamespaces is a list of namespace names. If defined, a\nconstraint only applies to resources not in a listed namespace.\nExcludedNamespaces also supports a prefix or suffix based glob. For example,\n`excludedNamespaces: [kube-*]` matches both `kube-system` and\n`kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and\n`gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" kinds: items: - description: "Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope." + description: "Kinds accepts a list of objects with apiGroups and kinds fields\nthat list the groups/kinds of objects to which the mutation will apply.\nIf multiple groups/kinds objects are specified,\nonly one match is needed for the resource to be in scope." properties: apiGroups: - description: "APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required." + description: "APIGroups is the API groups the resources belong to. '*' is all groups.\nIf '*' is present, the length of the slice must be one.\nRequired." items: type: "string" type: "array" @@ -64,21 +64,21 @@ spec: type: "object" type: "array" labelSelector: - description: "LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector." + description: "LabelSelector is the combination of two optional fields: `matchLabels`\nand `matchExpressions`. These two fields provide different methods of\nselecting or excluding k8s objects based on the label keys and values\nincluded in object metadata. All selection expressions from both\nsections are ANDed to determine if an object meets the cumulative\nrequirements of the selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -90,29 +90,30 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "Name is the name of an object. If defined, it will match against objects with the specified\nname. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match\nboth `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" namespaceSelector: - description: "NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace." + description: "NamespaceSelector is a label selector against an object's containing\nnamespace or the object itself, if the object is a namespace." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -124,21 +125,22 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "Namespaces is a list of namespace names. If defined, a constraint only\napplies to resources in a listed namespace. Namespaces also supports a\nprefix or suffix based glob. For example, `namespaces: [kube-*]` matches both\n`kube-system` and `kube-public`, and `namespaces: [*-system]` matches both\n`kube-system` and `gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" scope: - description: "Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" + description: "Scope determines if cluster-scoped and/or namespaced-scoped resources\nare matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" type: "string" source: - description: "Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources." + description: "Source determines whether generated or original resources are matched.\nAccepts `Generated`|`Original`|`All` (defaults to `All`). A value of\n`Generated` will only match generated resources, while `Original` will only\nmatch regular resources." enum: - "All" - "Generated" @@ -155,17 +157,17 @@ spec: properties: dataSource: default: "ValueAtLocation" - description: "DataSource specifies where to extract the data that will be sent to the external data provider as parameters." + description: "DataSource specifies where to extract the data that will be sent\nto the external data provider as parameters." enum: - "ValueAtLocation" - "Username" type: "string" default: - description: "Default specifies the default value to use when the external data provider returns an error and the failure policy is set to \"UseDefault\"." + description: "Default specifies the default value to use when the external data\nprovider returns an error and the failure policy is set to \"UseDefault\"." type: "string" failurePolicy: default: "Fail" - description: "FailurePolicy specifies the policy to apply when the external data provider returns an error." + description: "FailurePolicy specifies the policy to apply when the external data\nprovider returns an error." enum: - "UseDefault" - "Ignore" @@ -192,7 +194,7 @@ spec: description: "AssignMetadataStatus defines the observed state of AssignMetadata." properties: byPod: - description: "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run \"make\" to regenerate code after modifying this file" + description: "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster\nImportant: Run \"make\" to regenerate code after modifying this file" items: description: "MutatorPodStatusStatus defines the observed state of MutatorPodStatus." properties: @@ -205,7 +207,7 @@ spec: message: type: "string" type: - description: "Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type." + description: "Type indicates a specific class of error for use by controller code.\nIf not present, the error should be treated as not matching any known type." type: "string" required: - "message" @@ -214,7 +216,7 @@ spec: id: type: "string" mutatorUID: - description: "Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch" + description: "Storing the mutator UID allows us to detect drift, such as\nwhen a mutator has been recreated after its CRD was deleted\nout from under it, interrupting the watch" type: "string" observedGeneration: format: "int64" diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/modifyset.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/modifyset.yaml index d4c908015..b8a9d43f0 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/modifyset.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1/modifyset.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.14.0" labels: gatekeeper.sh/system: "yes" name: "modifyset.mutations.gatekeeper.sh" @@ -19,13 +19,13 @@ spec: - name: "v1" schema: openAPIV3Schema: - description: "ModifySet allows the user to modify non-keyed lists, such as the list of arguments to a container." + description: "ModifySet allows the user to modify non-keyed lists, such as\nthe list of arguments to a container." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: properties: @@ -37,9 +37,9 @@ spec: description: "ModifySetSpec defines the desired state of ModifySet." properties: applyTo: - description: "ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. This is necessary because every mutation implies part of an object schema and object schemas are associated with specific GVKs." + description: "ApplyTo lists the specific groups, versions and kinds a mutation will be applied to.\nThis is necessary because every mutation implies part of an object schema and object\nschemas are associated with specific GVKs." items: - description: "ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed." + description: "ApplyTo determines what GVKs items the mutation should apply to.\nGlobs are not allowed." properties: groups: items: @@ -59,21 +59,21 @@ spec: description: "Location describes the path to be mutated, for example: `spec.containers[name: main].args`." type: "string" match: - description: "Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything." + description: "Match allows the user to limit which resources get mutated.\nIndividual match criteria are AND-ed together. An undefined\nmatch criteria matches everything." properties: excludedNamespaces: - description: "ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "ExcludedNamespaces is a list of namespace names. If defined, a\nconstraint only applies to resources not in a listed namespace.\nExcludedNamespaces also supports a prefix or suffix based glob. For example,\n`excludedNamespaces: [kube-*]` matches both `kube-system` and\n`kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and\n`gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" kinds: items: - description: "Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope." + description: "Kinds accepts a list of objects with apiGroups and kinds fields\nthat list the groups/kinds of objects to which the mutation will apply.\nIf multiple groups/kinds objects are specified,\nonly one match is needed for the resource to be in scope." properties: apiGroups: - description: "APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required." + description: "APIGroups is the API groups the resources belong to. '*' is all groups.\nIf '*' is present, the length of the slice must be one.\nRequired." items: type: "string" type: "array" @@ -84,21 +84,21 @@ spec: type: "object" type: "array" labelSelector: - description: "LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector." + description: "LabelSelector is the combination of two optional fields: `matchLabels`\nand `matchExpressions`. These two fields provide different methods of\nselecting or excluding k8s objects based on the label keys and values\nincluded in object metadata. All selection expressions from both\nsections are ANDed to determine if an object meets the cumulative\nrequirements of the selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -110,29 +110,30 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "Name is the name of an object. If defined, it will match against objects with the specified\nname. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match\nboth `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" namespaceSelector: - description: "NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace." + description: "NamespaceSelector is a label selector against an object's containing\nnamespace or the object itself, if the object is a namespace." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -144,21 +145,22 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "Namespaces is a list of namespace names. If defined, a constraint only\napplies to resources in a listed namespace. Namespaces also supports a\nprefix or suffix based glob. For example, `namespaces: [kube-*]` matches both\n`kube-system` and `kube-public`, and `namespaces: [*-system]` matches both\n`kube-system` and `gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" scope: - description: "Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" + description: "Scope determines if cluster-scoped and/or namespaced-scoped resources\nare matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" type: "string" source: - description: "Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources." + description: "Source determines whether generated or original resources are matched.\nAccepts `Generated`|`Original`|`All` (defaults to `All`). A value of\n`Generated` will only match generated resources, while `Original` will only\nmatch regular resources." enum: - "All" - "Generated" @@ -176,9 +178,9 @@ spec: - "prune" type: "string" pathTests: - description: "PathTests are a series of existence tests that can be checked before a mutation is applied" + description: "PathTests are a series of existence tests that can be checked\nbefore a mutation is applied" items: - description: "PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. \n Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate." + description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." properties: condition: description: "Condition describes whether the path either MustExist or MustNotExist in the original object" @@ -212,7 +214,7 @@ spec: message: type: "string" type: - description: "Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type." + description: "Type indicates a specific class of error for use by controller code.\nIf not present, the error should be treated as not matching any known type." type: "string" required: - "message" @@ -221,7 +223,7 @@ spec: id: type: "string" mutatorUID: - description: "Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch" + description: "Storing the mutator UID allows us to detect drift, such as\nwhen a mutator has been recreated after its CRD was deleted\nout from under it, interrupting the watch" type: "string" observedGeneration: format: "int64" diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assign.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assign.yaml index a4ef7a9a7..58791a267 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assign.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assign.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.14.0" labels: gatekeeper.sh/system: "yes" name: "assign.mutations.gatekeeper.sh" @@ -22,10 +22,10 @@ spec: description: "Assign is the Schema for the assign API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -33,9 +33,9 @@ spec: description: "AssignSpec defines the desired state of Assign." properties: applyTo: - description: "ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. This is necessary because every mutation implies part of an object schema and object schemas are associated with specific GVKs." + description: "ApplyTo lists the specific groups, versions and kinds a mutation will be applied to.\nThis is necessary because every mutation implies part of an object schema and object\nschemas are associated with specific GVKs." items: - description: "ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed." + description: "ApplyTo determines what GVKs items the mutation should apply to.\nGlobs are not allowed." properties: groups: items: @@ -55,21 +55,21 @@ spec: description: "Location describes the path to be mutated, for example: `spec.containers[name: main]`." type: "string" match: - description: "Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything." + description: "Match allows the user to limit which resources get mutated.\nIndividual match criteria are AND-ed together. An undefined\nmatch criteria matches everything." properties: excludedNamespaces: - description: "ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "ExcludedNamespaces is a list of namespace names. If defined, a\nconstraint only applies to resources not in a listed namespace.\nExcludedNamespaces also supports a prefix or suffix based glob. For example,\n`excludedNamespaces: [kube-*]` matches both `kube-system` and\n`kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and\n`gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" kinds: items: - description: "Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope." + description: "Kinds accepts a list of objects with apiGroups and kinds fields\nthat list the groups/kinds of objects to which the mutation will apply.\nIf multiple groups/kinds objects are specified,\nonly one match is needed for the resource to be in scope." properties: apiGroups: - description: "APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required." + description: "APIGroups is the API groups the resources belong to. '*' is all groups.\nIf '*' is present, the length of the slice must be one.\nRequired." items: type: "string" type: "array" @@ -80,21 +80,21 @@ spec: type: "object" type: "array" labelSelector: - description: "LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector." + description: "LabelSelector is the combination of two optional fields: `matchLabels`\nand `matchExpressions`. These two fields provide different methods of\nselecting or excluding k8s objects based on the label keys and values\nincluded in object metadata. All selection expressions from both\nsections are ANDed to determine if an object meets the cumulative\nrequirements of the selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -106,29 +106,30 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "Name is the name of an object. If defined, it will match against objects with the specified\nname. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match\nboth `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" namespaceSelector: - description: "NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace." + description: "NamespaceSelector is a label selector against an object's containing\nnamespace or the object itself, if the object is a namespace." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -140,21 +141,22 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "Namespaces is a list of namespace names. If defined, a constraint only\napplies to resources in a listed namespace. Namespaces also supports a\nprefix or suffix based glob. For example, `namespaces: [kube-*]` matches both\n`kube-system` and `kube-public`, and `namespaces: [*-system]` matches both\n`kube-system` and `gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" scope: - description: "Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" + description: "Scope determines if cluster-scoped and/or namespaced-scoped resources\nare matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" type: "string" source: - description: "Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources." + description: "Source determines whether generated or original resources are matched.\nAccepts `Generated`|`Original`|`All` (defaults to `All`). A value of\n`Generated` will only match generated resources, while `Original` will only\nmatch regular resources." enum: - "All" - "Generated" @@ -172,17 +174,17 @@ spec: properties: dataSource: default: "ValueAtLocation" - description: "DataSource specifies where to extract the data that will be sent to the external data provider as parameters." + description: "DataSource specifies where to extract the data that will be sent\nto the external data provider as parameters." enum: - "ValueAtLocation" - "Username" type: "string" default: - description: "Default specifies the default value to use when the external data provider returns an error and the failure policy is set to \"UseDefault\"." + description: "Default specifies the default value to use when the external data\nprovider returns an error and the failure policy is set to \"UseDefault\"." type: "string" failurePolicy: default: "Fail" - description: "FailurePolicy specifies the policy to apply when the external data provider returns an error." + description: "FailurePolicy specifies the policy to apply when the external data\nprovider returns an error." enum: - "UseDefault" - "Ignore" @@ -205,7 +207,7 @@ spec: type: "object" pathTests: items: - description: "PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. \n Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate." + description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." properties: condition: description: "Condition describes whether the path either MustExist or MustNotExist in the original object" @@ -235,7 +237,7 @@ spec: message: type: "string" type: - description: "Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type." + description: "Type indicates a specific class of error for use by controller code.\nIf not present, the error should be treated as not matching any known type." type: "string" required: - "message" @@ -244,7 +246,7 @@ spec: id: type: "string" mutatorUID: - description: "Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch" + description: "Storing the mutator UID allows us to detect drift, such as\nwhen a mutator has been recreated after its CRD was deleted\nout from under it, interrupting the watch" type: "string" observedGeneration: format: "int64" diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assignimage.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assignimage.yaml index b98994bc6..a91da12fc 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assignimage.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assignimage.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.14.0" labels: gatekeeper.sh/system: "yes" name: "assignimage.mutations.gatekeeper.sh" @@ -22,10 +22,10 @@ spec: description: "AssignImage is the Schema for the assignimage API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: properties: @@ -37,9 +37,9 @@ spec: description: "AssignImageSpec defines the desired state of AssignImage." properties: applyTo: - description: "ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. This is necessary because every mutation implies part of an object schema and object schemas are associated with specific GVKs." + description: "ApplyTo lists the specific groups, versions and kinds a mutation will be applied to.\nThis is necessary because every mutation implies part of an object schema and object\nschemas are associated with specific GVKs." items: - description: "ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed." + description: "ApplyTo determines what GVKs items the mutation should apply to.\nGlobs are not allowed." properties: groups: items: @@ -59,21 +59,21 @@ spec: description: "Location describes the path to be mutated, for example: `spec.containers[name: main].image`." type: "string" match: - description: "Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything." + description: "Match allows the user to limit which resources get mutated.\nIndividual match criteria are AND-ed together. An undefined\nmatch criteria matches everything." properties: excludedNamespaces: - description: "ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "ExcludedNamespaces is a list of namespace names. If defined, a\nconstraint only applies to resources not in a listed namespace.\nExcludedNamespaces also supports a prefix or suffix based glob. For example,\n`excludedNamespaces: [kube-*]` matches both `kube-system` and\n`kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and\n`gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" kinds: items: - description: "Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope." + description: "Kinds accepts a list of objects with apiGroups and kinds fields\nthat list the groups/kinds of objects to which the mutation will apply.\nIf multiple groups/kinds objects are specified,\nonly one match is needed for the resource to be in scope." properties: apiGroups: - description: "APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required." + description: "APIGroups is the API groups the resources belong to. '*' is all groups.\nIf '*' is present, the length of the slice must be one.\nRequired." items: type: "string" type: "array" @@ -84,21 +84,21 @@ spec: type: "object" type: "array" labelSelector: - description: "LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector." + description: "LabelSelector is the combination of two optional fields: `matchLabels`\nand `matchExpressions`. These two fields provide different methods of\nselecting or excluding k8s objects based on the label keys and values\nincluded in object metadata. All selection expressions from both\nsections are ANDed to determine if an object meets the cumulative\nrequirements of the selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -110,29 +110,30 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "Name is the name of an object. If defined, it will match against objects with the specified\nname. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match\nboth `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" namespaceSelector: - description: "NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace." + description: "NamespaceSelector is a label selector against an object's containing\nnamespace or the object itself, if the object is a namespace." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -144,21 +145,22 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "Namespaces is a list of namespace names. If defined, a constraint only\napplies to resources in a listed namespace. Namespaces also supports a\nprefix or suffix based glob. For example, `namespaces: [kube-*]` matches both\n`kube-system` and `kube-public`, and `namespaces: [*-system]` matches both\n`kube-system` and `gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" scope: - description: "Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" + description: "Scope determines if cluster-scoped and/or namespaced-scoped resources\nare matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" type: "string" source: - description: "Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources." + description: "Source determines whether generated or original resources are matched.\nAccepts `Generated`|`Original`|`All` (defaults to `All`). A value of\n`Generated` will only match generated resources, while `Original` will only\nmatch regular resources." enum: - "All" - "Generated" @@ -169,17 +171,17 @@ spec: description: "Parameters define the behavior of the mutator." properties: assignDomain: - description: "AssignDomain sets the domain component on an image string. The trailing slash should not be included." + description: "AssignDomain sets the domain component on an image string. The trailing\nslash should not be included." type: "string" assignPath: description: "AssignPath sets the domain component on an image string." type: "string" assignTag: - description: "AssignImage sets the image component on an image string. It must start with a `:` or `@`." + description: "AssignImage sets the image component on an image string. It must start\nwith a `:` or `@`." type: "string" pathTests: items: - description: "PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. \n Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate." + description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." properties: condition: description: "Condition describes whether the path either MustExist or MustNotExist in the original object" @@ -209,7 +211,7 @@ spec: message: type: "string" type: - description: "Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type." + description: "Type indicates a specific class of error for use by controller code.\nIf not present, the error should be treated as not matching any known type." type: "string" required: - "message" @@ -218,7 +220,7 @@ spec: id: type: "string" mutatorUID: - description: "Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch" + description: "Storing the mutator UID allows us to detect drift, such as\nwhen a mutator has been recreated after its CRD was deleted\nout from under it, interrupting the watch" type: "string" observedGeneration: format: "int64" diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assignmetadata.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assignmetadata.yaml index e7df5a925..ee19841c9 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assignmetadata.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/assignmetadata.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.14.0" labels: gatekeeper.sh/system: "yes" name: "assignmetadata.mutations.gatekeeper.sh" @@ -22,10 +22,10 @@ spec: description: "AssignMetadata is the Schema for the assignmetadata API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -38,18 +38,18 @@ spec: description: "Match selects which objects are in scope." properties: excludedNamespaces: - description: "ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "ExcludedNamespaces is a list of namespace names. If defined, a\nconstraint only applies to resources not in a listed namespace.\nExcludedNamespaces also supports a prefix or suffix based glob. For example,\n`excludedNamespaces: [kube-*]` matches both `kube-system` and\n`kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and\n`gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" kinds: items: - description: "Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope." + description: "Kinds accepts a list of objects with apiGroups and kinds fields\nthat list the groups/kinds of objects to which the mutation will apply.\nIf multiple groups/kinds objects are specified,\nonly one match is needed for the resource to be in scope." properties: apiGroups: - description: "APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required." + description: "APIGroups is the API groups the resources belong to. '*' is all groups.\nIf '*' is present, the length of the slice must be one.\nRequired." items: type: "string" type: "array" @@ -60,21 +60,21 @@ spec: type: "object" type: "array" labelSelector: - description: "LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector." + description: "LabelSelector is the combination of two optional fields: `matchLabels`\nand `matchExpressions`. These two fields provide different methods of\nselecting or excluding k8s objects based on the label keys and values\nincluded in object metadata. All selection expressions from both\nsections are ANDed to determine if an object meets the cumulative\nrequirements of the selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -86,29 +86,30 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "Name is the name of an object. If defined, it will match against objects with the specified\nname. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match\nboth `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" namespaceSelector: - description: "NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace." + description: "NamespaceSelector is a label selector against an object's containing\nnamespace or the object itself, if the object is a namespace." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -120,21 +121,22 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "Namespaces is a list of namespace names. If defined, a constraint only\napplies to resources in a listed namespace. Namespaces also supports a\nprefix or suffix based glob. For example, `namespaces: [kube-*]` matches both\n`kube-system` and `kube-public`, and `namespaces: [*-system]` matches both\n`kube-system` and `gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" scope: - description: "Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" + description: "Scope determines if cluster-scoped and/or namespaced-scoped resources\nare matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" type: "string" source: - description: "Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources." + description: "Source determines whether generated or original resources are matched.\nAccepts `Generated`|`Original`|`All` (defaults to `All`). A value of\n`Generated` will only match generated resources, while `Original` will only\nmatch regular resources." enum: - "All" - "Generated" @@ -151,17 +153,17 @@ spec: properties: dataSource: default: "ValueAtLocation" - description: "DataSource specifies where to extract the data that will be sent to the external data provider as parameters." + description: "DataSource specifies where to extract the data that will be sent\nto the external data provider as parameters." enum: - "ValueAtLocation" - "Username" type: "string" default: - description: "Default specifies the default value to use when the external data provider returns an error and the failure policy is set to \"UseDefault\"." + description: "Default specifies the default value to use when the external data\nprovider returns an error and the failure policy is set to \"UseDefault\"." type: "string" failurePolicy: default: "Fail" - description: "FailurePolicy specifies the policy to apply when the external data provider returns an error." + description: "FailurePolicy specifies the policy to apply when the external data\nprovider returns an error." enum: - "UseDefault" - "Ignore" @@ -188,7 +190,7 @@ spec: description: "AssignMetadataStatus defines the observed state of AssignMetadata." properties: byPod: - description: "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run \"make\" to regenerate code after modifying this file" + description: "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster\nImportant: Run \"make\" to regenerate code after modifying this file" items: description: "MutatorPodStatusStatus defines the observed state of MutatorPodStatus." properties: @@ -201,7 +203,7 @@ spec: message: type: "string" type: - description: "Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type." + description: "Type indicates a specific class of error for use by controller code.\nIf not present, the error should be treated as not matching any known type." type: "string" required: - "message" @@ -210,7 +212,7 @@ spec: id: type: "string" mutatorUID: - description: "Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch" + description: "Storing the mutator UID allows us to detect drift, such as\nwhen a mutator has been recreated after its CRD was deleted\nout from under it, interrupting the watch" type: "string" observedGeneration: format: "int64" diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/modifyset.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/modifyset.yaml index 8759cb5a0..6e712e8b9 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/modifyset.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1alpha1/modifyset.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.14.0" labels: gatekeeper.sh/system: "yes" name: "modifyset.mutations.gatekeeper.sh" @@ -19,13 +19,13 @@ spec: - name: "v1alpha1" schema: openAPIV3Schema: - description: "ModifySet allows the user to modify non-keyed lists, such as the list of arguments to a container." + description: "ModifySet allows the user to modify non-keyed lists, such as\nthe list of arguments to a container." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -33,9 +33,9 @@ spec: description: "ModifySetSpec defines the desired state of ModifySet." properties: applyTo: - description: "ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. This is necessary because every mutation implies part of an object schema and object schemas are associated with specific GVKs." + description: "ApplyTo lists the specific groups, versions and kinds a mutation will be applied to.\nThis is necessary because every mutation implies part of an object schema and object\nschemas are associated with specific GVKs." items: - description: "ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed." + description: "ApplyTo determines what GVKs items the mutation should apply to.\nGlobs are not allowed." properties: groups: items: @@ -55,21 +55,21 @@ spec: description: "Location describes the path to be mutated, for example: `spec.containers[name: main].args`." type: "string" match: - description: "Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything." + description: "Match allows the user to limit which resources get mutated.\nIndividual match criteria are AND-ed together. An undefined\nmatch criteria matches everything." properties: excludedNamespaces: - description: "ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "ExcludedNamespaces is a list of namespace names. If defined, a\nconstraint only applies to resources not in a listed namespace.\nExcludedNamespaces also supports a prefix or suffix based glob. For example,\n`excludedNamespaces: [kube-*]` matches both `kube-system` and\n`kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and\n`gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" kinds: items: - description: "Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope." + description: "Kinds accepts a list of objects with apiGroups and kinds fields\nthat list the groups/kinds of objects to which the mutation will apply.\nIf multiple groups/kinds objects are specified,\nonly one match is needed for the resource to be in scope." properties: apiGroups: - description: "APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required." + description: "APIGroups is the API groups the resources belong to. '*' is all groups.\nIf '*' is present, the length of the slice must be one.\nRequired." items: type: "string" type: "array" @@ -80,21 +80,21 @@ spec: type: "object" type: "array" labelSelector: - description: "LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector." + description: "LabelSelector is the combination of two optional fields: `matchLabels`\nand `matchExpressions`. These two fields provide different methods of\nselecting or excluding k8s objects based on the label keys and values\nincluded in object metadata. All selection expressions from both\nsections are ANDed to determine if an object meets the cumulative\nrequirements of the selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -106,29 +106,30 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "Name is the name of an object. If defined, it will match against objects with the specified\nname. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match\nboth `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" namespaceSelector: - description: "NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace." + description: "NamespaceSelector is a label selector against an object's containing\nnamespace or the object itself, if the object is a namespace." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -140,21 +141,22 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "Namespaces is a list of namespace names. If defined, a constraint only\napplies to resources in a listed namespace. Namespaces also supports a\nprefix or suffix based glob. For example, `namespaces: [kube-*]` matches both\n`kube-system` and `kube-public`, and `namespaces: [*-system]` matches both\n`kube-system` and `gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" scope: - description: "Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" + description: "Scope determines if cluster-scoped and/or namespaced-scoped resources\nare matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" type: "string" source: - description: "Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources." + description: "Source determines whether generated or original resources are matched.\nAccepts `Generated`|`Original`|`All` (defaults to `All`). A value of\n`Generated` will only match generated resources, while `Original` will only\nmatch regular resources." enum: - "All" - "Generated" @@ -172,9 +174,9 @@ spec: - "prune" type: "string" pathTests: - description: "PathTests are a series of existence tests that can be checked before a mutation is applied" + description: "PathTests are a series of existence tests that can be checked\nbefore a mutation is applied" items: - description: "PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. \n Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate." + description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." properties: condition: description: "Condition describes whether the path either MustExist or MustNotExist in the original object" @@ -208,7 +210,7 @@ spec: message: type: "string" type: - description: "Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type." + description: "Type indicates a specific class of error for use by controller code.\nIf not present, the error should be treated as not matching any known type." type: "string" required: - "message" @@ -217,7 +219,7 @@ spec: id: type: "string" mutatorUID: - description: "Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch" + description: "Storing the mutator UID allows us to detect drift, such as\nwhen a mutator has been recreated after its CRD was deleted\nout from under it, interrupting the watch" type: "string" observedGeneration: format: "int64" diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/assign.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/assign.yaml index daa67fda3..ca919fc47 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/assign.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/assign.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.14.0" labels: gatekeeper.sh/system: "yes" name: "assign.mutations.gatekeeper.sh" @@ -22,10 +22,10 @@ spec: description: "Assign is the Schema for the assign API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -33,9 +33,9 @@ spec: description: "AssignSpec defines the desired state of Assign." properties: applyTo: - description: "ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. This is necessary because every mutation implies part of an object schema and object schemas are associated with specific GVKs." + description: "ApplyTo lists the specific groups, versions and kinds a mutation will be applied to.\nThis is necessary because every mutation implies part of an object schema and object\nschemas are associated with specific GVKs." items: - description: "ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed." + description: "ApplyTo determines what GVKs items the mutation should apply to.\nGlobs are not allowed." properties: groups: items: @@ -55,21 +55,21 @@ spec: description: "Location describes the path to be mutated, for example: `spec.containers[name: main]`." type: "string" match: - description: "Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything." + description: "Match allows the user to limit which resources get mutated.\nIndividual match criteria are AND-ed together. An undefined\nmatch criteria matches everything." properties: excludedNamespaces: - description: "ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "ExcludedNamespaces is a list of namespace names. If defined, a\nconstraint only applies to resources not in a listed namespace.\nExcludedNamespaces also supports a prefix or suffix based glob. For example,\n`excludedNamespaces: [kube-*]` matches both `kube-system` and\n`kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and\n`gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" kinds: items: - description: "Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope." + description: "Kinds accepts a list of objects with apiGroups and kinds fields\nthat list the groups/kinds of objects to which the mutation will apply.\nIf multiple groups/kinds objects are specified,\nonly one match is needed for the resource to be in scope." properties: apiGroups: - description: "APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required." + description: "APIGroups is the API groups the resources belong to. '*' is all groups.\nIf '*' is present, the length of the slice must be one.\nRequired." items: type: "string" type: "array" @@ -80,21 +80,21 @@ spec: type: "object" type: "array" labelSelector: - description: "LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector." + description: "LabelSelector is the combination of two optional fields: `matchLabels`\nand `matchExpressions`. These two fields provide different methods of\nselecting or excluding k8s objects based on the label keys and values\nincluded in object metadata. All selection expressions from both\nsections are ANDed to determine if an object meets the cumulative\nrequirements of the selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -106,29 +106,30 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "Name is the name of an object. If defined, it will match against objects with the specified\nname. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match\nboth `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" namespaceSelector: - description: "NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace." + description: "NamespaceSelector is a label selector against an object's containing\nnamespace or the object itself, if the object is a namespace." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -140,21 +141,22 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "Namespaces is a list of namespace names. If defined, a constraint only\napplies to resources in a listed namespace. Namespaces also supports a\nprefix or suffix based glob. For example, `namespaces: [kube-*]` matches both\n`kube-system` and `kube-public`, and `namespaces: [*-system]` matches both\n`kube-system` and `gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" scope: - description: "Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" + description: "Scope determines if cluster-scoped and/or namespaced-scoped resources\nare matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" type: "string" source: - description: "Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources." + description: "Source determines whether generated or original resources are matched.\nAccepts `Generated`|`Original`|`All` (defaults to `All`). A value of\n`Generated` will only match generated resources, while `Original` will only\nmatch regular resources." enum: - "All" - "Generated" @@ -172,17 +174,17 @@ spec: properties: dataSource: default: "ValueAtLocation" - description: "DataSource specifies where to extract the data that will be sent to the external data provider as parameters." + description: "DataSource specifies where to extract the data that will be sent\nto the external data provider as parameters." enum: - "ValueAtLocation" - "Username" type: "string" default: - description: "Default specifies the default value to use when the external data provider returns an error and the failure policy is set to \"UseDefault\"." + description: "Default specifies the default value to use when the external data\nprovider returns an error and the failure policy is set to \"UseDefault\"." type: "string" failurePolicy: default: "Fail" - description: "FailurePolicy specifies the policy to apply when the external data provider returns an error." + description: "FailurePolicy specifies the policy to apply when the external data\nprovider returns an error." enum: - "UseDefault" - "Ignore" @@ -205,7 +207,7 @@ spec: type: "object" pathTests: items: - description: "PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. \n Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate." + description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." properties: condition: description: "Condition describes whether the path either MustExist or MustNotExist in the original object" @@ -235,7 +237,7 @@ spec: message: type: "string" type: - description: "Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type." + description: "Type indicates a specific class of error for use by controller code.\nIf not present, the error should be treated as not matching any known type." type: "string" required: - "message" @@ -244,7 +246,7 @@ spec: id: type: "string" mutatorUID: - description: "Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch" + description: "Storing the mutator UID allows us to detect drift, such as\nwhen a mutator has been recreated after its CRD was deleted\nout from under it, interrupting the watch" type: "string" observedGeneration: format: "int64" diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/assignmetadata.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/assignmetadata.yaml index fde5fc445..8fb87c3b9 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/assignmetadata.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/assignmetadata.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.14.0" labels: gatekeeper.sh/system: "yes" name: "assignmetadata.mutations.gatekeeper.sh" @@ -22,10 +22,10 @@ spec: description: "AssignMetadata is the Schema for the assignmetadata API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -38,18 +38,18 @@ spec: description: "Match selects which objects are in scope." properties: excludedNamespaces: - description: "ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "ExcludedNamespaces is a list of namespace names. If defined, a\nconstraint only applies to resources not in a listed namespace.\nExcludedNamespaces also supports a prefix or suffix based glob. For example,\n`excludedNamespaces: [kube-*]` matches both `kube-system` and\n`kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and\n`gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" kinds: items: - description: "Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope." + description: "Kinds accepts a list of objects with apiGroups and kinds fields\nthat list the groups/kinds of objects to which the mutation will apply.\nIf multiple groups/kinds objects are specified,\nonly one match is needed for the resource to be in scope." properties: apiGroups: - description: "APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required." + description: "APIGroups is the API groups the resources belong to. '*' is all groups.\nIf '*' is present, the length of the slice must be one.\nRequired." items: type: "string" type: "array" @@ -60,21 +60,21 @@ spec: type: "object" type: "array" labelSelector: - description: "LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector." + description: "LabelSelector is the combination of two optional fields: `matchLabels`\nand `matchExpressions`. These two fields provide different methods of\nselecting or excluding k8s objects based on the label keys and values\nincluded in object metadata. All selection expressions from both\nsections are ANDed to determine if an object meets the cumulative\nrequirements of the selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -86,29 +86,30 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "Name is the name of an object. If defined, it will match against objects with the specified\nname. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match\nboth `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" namespaceSelector: - description: "NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace." + description: "NamespaceSelector is a label selector against an object's containing\nnamespace or the object itself, if the object is a namespace." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -120,21 +121,22 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "Namespaces is a list of namespace names. If defined, a constraint only\napplies to resources in a listed namespace. Namespaces also supports a\nprefix or suffix based glob. For example, `namespaces: [kube-*]` matches both\n`kube-system` and `kube-public`, and `namespaces: [*-system]` matches both\n`kube-system` and `gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" scope: - description: "Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" + description: "Scope determines if cluster-scoped and/or namespaced-scoped resources\nare matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" type: "string" source: - description: "Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources." + description: "Source determines whether generated or original resources are matched.\nAccepts `Generated`|`Original`|`All` (defaults to `All`). A value of\n`Generated` will only match generated resources, while `Original` will only\nmatch regular resources." enum: - "All" - "Generated" @@ -151,17 +153,17 @@ spec: properties: dataSource: default: "ValueAtLocation" - description: "DataSource specifies where to extract the data that will be sent to the external data provider as parameters." + description: "DataSource specifies where to extract the data that will be sent\nto the external data provider as parameters." enum: - "ValueAtLocation" - "Username" type: "string" default: - description: "Default specifies the default value to use when the external data provider returns an error and the failure policy is set to \"UseDefault\"." + description: "Default specifies the default value to use when the external data\nprovider returns an error and the failure policy is set to \"UseDefault\"." type: "string" failurePolicy: default: "Fail" - description: "FailurePolicy specifies the policy to apply when the external data provider returns an error." + description: "FailurePolicy specifies the policy to apply when the external data\nprovider returns an error." enum: - "UseDefault" - "Ignore" @@ -188,7 +190,7 @@ spec: description: "AssignMetadataStatus defines the observed state of AssignMetadata." properties: byPod: - description: "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run \"make\" to regenerate code after modifying this file" + description: "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster\nImportant: Run \"make\" to regenerate code after modifying this file" items: description: "MutatorPodStatusStatus defines the observed state of MutatorPodStatus." properties: @@ -201,7 +203,7 @@ spec: message: type: "string" type: - description: "Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type." + description: "Type indicates a specific class of error for use by controller code.\nIf not present, the error should be treated as not matching any known type." type: "string" required: - "message" @@ -210,7 +212,7 @@ spec: id: type: "string" mutatorUID: - description: "Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch" + description: "Storing the mutator UID allows us to detect drift, such as\nwhen a mutator has been recreated after its CRD was deleted\nout from under it, interrupting the watch" type: "string" observedGeneration: format: "int64" diff --git a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/modifyset.yaml b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/modifyset.yaml index cda77ff22..10fec1824 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/modifyset.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/mutations.gatekeeper.sh/v1beta1/modifyset.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.14.0" labels: gatekeeper.sh/system: "yes" name: "modifyset.mutations.gatekeeper.sh" @@ -19,13 +19,13 @@ spec: - name: "v1beta1" schema: openAPIV3Schema: - description: "ModifySet allows the user to modify non-keyed lists, such as the list of arguments to a container." + description: "ModifySet allows the user to modify non-keyed lists, such as\nthe list of arguments to a container." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -33,9 +33,9 @@ spec: description: "ModifySetSpec defines the desired state of ModifySet." properties: applyTo: - description: "ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. This is necessary because every mutation implies part of an object schema and object schemas are associated with specific GVKs." + description: "ApplyTo lists the specific groups, versions and kinds a mutation will be applied to.\nThis is necessary because every mutation implies part of an object schema and object\nschemas are associated with specific GVKs." items: - description: "ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed." + description: "ApplyTo determines what GVKs items the mutation should apply to.\nGlobs are not allowed." properties: groups: items: @@ -55,21 +55,21 @@ spec: description: "Location describes the path to be mutated, for example: `spec.containers[name: main].args`." type: "string" match: - description: "Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything." + description: "Match allows the user to limit which resources get mutated.\nIndividual match criteria are AND-ed together. An undefined\nmatch criteria matches everything." properties: excludedNamespaces: - description: "ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "ExcludedNamespaces is a list of namespace names. If defined, a\nconstraint only applies to resources not in a listed namespace.\nExcludedNamespaces also supports a prefix or suffix based glob. For example,\n`excludedNamespaces: [kube-*]` matches both `kube-system` and\n`kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and\n`gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" kinds: items: - description: "Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope." + description: "Kinds accepts a list of objects with apiGroups and kinds fields\nthat list the groups/kinds of objects to which the mutation will apply.\nIf multiple groups/kinds objects are specified,\nonly one match is needed for the resource to be in scope." properties: apiGroups: - description: "APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required." + description: "APIGroups is the API groups the resources belong to. '*' is all groups.\nIf '*' is present, the length of the slice must be one.\nRequired." items: type: "string" type: "array" @@ -80,21 +80,21 @@ spec: type: "object" type: "array" labelSelector: - description: "LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector." + description: "LabelSelector is the combination of two optional fields: `matchLabels`\nand `matchExpressions`. These two fields provide different methods of\nselecting or excluding k8s objects based on the label keys and values\nincluded in object metadata. All selection expressions from both\nsections are ANDed to determine if an object meets the cumulative\nrequirements of the selector." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -106,29 +106,30 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "Name is the name of an object. If defined, it will match against objects with the specified\nname. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match\nboth `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" namespaceSelector: - description: "NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace." + description: "NamespaceSelector is a label selector against an object's containing\nnamespace or the object itself, if the object is a namespace." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -140,21 +141,22 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`." + description: "Namespaces is a list of namespace names. If defined, a constraint only\napplies to resources in a listed namespace. Namespaces also supports a\nprefix or suffix based glob. For example, `namespaces: [kube-*]` matches both\n`kube-system` and `kube-public`, and `namespaces: [*-system]` matches both\n`kube-system` and `gatekeeper-system`." items: - description: "A string that supports globbing at its front or end. Ex: \"kube-*\" will match \"kube-system\" or \"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\". The asterisk is required for wildcard matching." - pattern: "^(\\*|\\*-)?[a-z0-9]([-:a-z0-9]*[a-z0-9])?(\\*|-\\*)?$" + description: "A string that supports globbing at its front and end. Ex: \"kube-*\" will match \"kube-system\" or\n\"kube-public\", \"*-system\" will match \"kube-system\" or \"gatekeeper-system\", \"*system*\" will\nmatch \"system-kube\" or \"kube-system\". The asterisk is required for wildcard matching." + pattern: "^\\*?[-:a-z0-9]*\\*?$" type: "string" type: "array" scope: - description: "Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" + description: "Scope determines if cluster-scoped and/or namespaced-scoped resources\nare matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`)" type: "string" source: - description: "Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources." + description: "Source determines whether generated or original resources are matched.\nAccepts `Generated`|`Original`|`All` (defaults to `All`). A value of\n`Generated` will only match generated resources, while `Original` will only\nmatch regular resources." enum: - "All" - "Generated" @@ -172,9 +174,9 @@ spec: - "prune" type: "string" pathTests: - description: "PathTests are a series of existence tests that can be checked before a mutation is applied" + description: "PathTests are a series of existence tests that can be checked\nbefore a mutation is applied" items: - description: "PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. \n Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate." + description: "PathTest allows the user to customize how the mutation works if parent\npaths are missing. It traverses the list in order. All sub paths are\ntested against the provided condition, if the test fails, the mutation is\nnot applied. All `subPath` entries must be a prefix of `location`. Any\nglob characters will take on the same value as was used to\nexpand the matching glob in `location`.\n\n\nAvailable Tests:\n* MustExist - the path must exist or do not mutate\n* MustNotExist - the path must not exist or do not mutate." properties: condition: description: "Condition describes whether the path either MustExist or MustNotExist in the original object" @@ -208,7 +210,7 @@ spec: message: type: "string" type: - description: "Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type." + description: "Type indicates a specific class of error for use by controller code.\nIf not present, the error should be treated as not matching any known type." type: "string" required: - "message" @@ -217,7 +219,7 @@ spec: id: type: "string" mutatorUID: - description: "Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch" + description: "Storing the mutator UID allows us to detect drift, such as\nwhen a mutator has been recreated after its CRD was deleted\nout from under it, interrupting the watch" type: "string" observedGeneration: format: "int64" diff --git a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constraintpodstatuses.yaml b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constraintpodstatuses.yaml index 683165972..3d5c49eff 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constraintpodstatuses.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constraintpodstatuses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.14.0" labels: gatekeeper.sh/system: "yes" name: "constraintpodstatuses.status.gatekeeper.sh" @@ -22,10 +22,10 @@ spec: description: "ConstraintPodStatus is the Schema for the constraintpodstatuses API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -33,7 +33,7 @@ spec: description: "ConstraintPodStatusStatus defines the observed state of ConstraintPodStatus." properties: constraintUID: - description: "Storing the constraint UID allows us to detect drift, such as when a constraint has been recreated after its CRD was deleted out from under it, interrupting the watch" + description: "Storing the constraint UID allows us to detect drift, such as\nwhen a constraint has been recreated after its CRD was deleted\nout from under it, interrupting the watch" type: "string" enforced: type: "boolean" diff --git a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constrainttemplatepodstatuses.yaml b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constrainttemplatepodstatuses.yaml index 70b597683..a89bf4121 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constrainttemplatepodstatuses.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constrainttemplatepodstatuses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.14.0" labels: gatekeeper.sh/system: "yes" name: "constrainttemplatepodstatuses.status.gatekeeper.sh" @@ -22,10 +22,10 @@ spec: description: "ConstraintTemplatePodStatus is the Schema for the constrainttemplatepodstatuses API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -58,7 +58,7 @@ spec: type: "string" type: "array" templateUID: - description: "UID is a type that holds unique ID values, including UUIDs. Because we don't ONLY use UUIDs, this is an alias to string. Being a type captures intent and helps make sure that UIDs and names do not get conflated." + description: "UID is a type that holds unique ID values, including UUIDs. Because we\ndon't ONLY use UUIDs, this is an alias to string. Being a type captures\nintent and helps make sure that UIDs and names do not get conflated." type: "string" type: "object" type: "object" diff --git a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/expansiontemplatepodstatuses.yaml b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/expansiontemplatepodstatuses.yaml index a932ba3c7..f24735ed9 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/expansiontemplatepodstatuses.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/expansiontemplatepodstatuses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.14.0" labels: gatekeeper.sh/system: "yes" name: "expansiontemplatepodstatuses.status.gatekeeper.sh" @@ -22,10 +22,10 @@ spec: description: "ExpansionTemplatePodStatus is the Schema for the expansiontemplatepodstatuses API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -54,7 +54,7 @@ spec: type: "string" type: "array" templateUID: - description: "UID is a type that holds unique ID values, including UUIDs. Because we don't ONLY use UUIDs, this is an alias to string. Being a type captures intent and helps make sure that UIDs and names do not get conflated." + description: "UID is a type that holds unique ID values, including UUIDs. Because we\ndon't ONLY use UUIDs, this is an alias to string. Being a type captures\nintent and helps make sure that UIDs and names do not get conflated." type: "string" type: "object" type: "object" diff --git a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/mutatorpodstatuses.yaml b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/mutatorpodstatuses.yaml index 0ec91a90e..27d0c7d9c 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/mutatorpodstatuses.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/mutatorpodstatuses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.14.0" labels: gatekeeper.sh/system: "yes" name: "mutatorpodstatuses.status.gatekeeper.sh" @@ -22,10 +22,10 @@ spec: description: "MutatorPodStatus is the Schema for the mutationpodstatuses API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -41,7 +41,7 @@ spec: message: type: "string" type: - description: "Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type." + description: "Type indicates a specific class of error for use by controller code.\nIf not present, the error should be treated as not matching any known type." type: "string" required: - "message" @@ -50,7 +50,7 @@ spec: id: type: "string" mutatorUID: - description: "Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch" + description: "Storing the mutator UID allows us to detect drift, such as\nwhen a mutator has been recreated after its CRD was deleted\nout from under it, interrupting the watch" type: "string" observedGeneration: format: "int64" diff --git a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/instrumentations.yaml b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/instrumentations.yaml index f6e54dc8b..432d5a66d 100644 --- a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/instrumentations.yaml +++ b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/instrumentations.yaml @@ -32,71 +32,96 @@ spec: name: "v1alpha1" schema: openAPIV3Schema: + description: "Instrumentation is the spec for OpenTelemetry instrumentation." properties: apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values." type: "string" kind: + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase." type: "string" metadata: type: "object" spec: + description: "InstrumentationSpec defines the desired state of OpenTelemetry SDK and instrumentation." properties: apacheHttpd: + description: "ApacheHttpd defines configuration for Apache HTTPD auto-instrumentation." properties: attrs: + description: "Attrs defines Apache HTTPD agent specific attributes. The precedence is:\n`agent default attributes` > `instrument spec attributes` .\nAttributes are documented at https://github." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -108,61 +133,82 @@ spec: type: "object" type: "array" configPath: + description: "Location of Apache HTTPD server configuration.\nNeeded only if different from default \"/usr/local/apache2/conf\"" type: "string" env: + description: "Env defines Apache HTTPD specific env vars." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -174,13 +220,18 @@ spec: type: "object" type: "array" image: + description: "Image is a container image with Apache SDK and auto-instrumentation." type: "string" resourceRequirements: + description: "Resources describes the compute resource requirements." properties: claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate." items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -196,6 +247,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -204,73 +256,97 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required." type: "object" type: "object" version: + description: "Apache HTTPD server version. One of 2.4 or 2.2. Default is 2.4" type: "string" volumeLimitSize: anyOf: - type: "integer" - type: "string" + description: "VolumeSizeLimit defines size limit for volume used for auto-instrumentation.\nThe default size is 200Mi." pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" dotnet: + description: "DotNet defines configuration for DotNet auto-instrumentation." properties: env: + description: "Env defines DotNet specific env vars." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -282,13 +358,18 @@ spec: type: "object" type: "array" image: + description: "Image is a container image with DotNet SDK and auto-instrumentation." type: "string" resourceRequirements: + description: "Resources describes the compute resource requirements." properties: claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate." items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -304,6 +385,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -312,69 +394,91 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required." type: "object" type: "object" volumeLimitSize: anyOf: - type: "integer" - type: "string" + description: "VolumeSizeLimit defines size limit for volume used for auto-instrumentation.\nThe default size is 200Mi." pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" env: + description: "Env defines common env vars." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -386,66 +490,89 @@ spec: type: "object" type: "array" exporter: + description: "Exporter defines exporter configuration." properties: endpoint: + description: "Endpoint is address of the collector with OTLP endpoint." type: "string" type: "object" go: + description: "Go defines configuration for Go auto-instrumentation." properties: env: + description: "Env defines Go specific env vars." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -457,13 +584,18 @@ spec: type: "object" type: "array" image: + description: "Image is a container image with Go SDK and auto-instrumentation." type: "string" resourceRequirements: + description: "Resources describes the compute resource requirements." properties: claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate." items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -479,6 +611,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -487,71 +620,94 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required." type: "object" type: "object" volumeLimitSize: anyOf: - type: "integer" - type: "string" + description: "VolumeSizeLimit defines size limit for volume used for auto-instrumentation.\nThe default size is 200Mi." pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" java: + description: "Java defines configuration for java auto-instrumentation." properties: env: + description: "Env defines java specific env vars." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -563,13 +719,18 @@ spec: type: "object" type: "array" image: + description: "Image is a container image with javaagent auto-instrumentation JAR." type: "string" resources: + description: "Resources describes the compute resource requirements." properties: claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate." items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -585,6 +746,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -593,71 +755,94 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required." type: "object" type: "object" volumeLimitSize: anyOf: - type: "integer" - type: "string" + description: "VolumeSizeLimit defines size limit for volume used for auto-instrumentation.\nThe default size is 200Mi." pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" nginx: + description: "Nginx defines configuration for Nginx auto-instrumentation." properties: attrs: + description: "Attrs defines Nginx agent specific attributes. The precedence order is:\n`agent default attributes` > `instrument spec attributes` .\nAttributes are documented at https://github." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -669,61 +854,82 @@ spec: type: "object" type: "array" configFile: + description: "Location of Nginx configuration file.\nNeeded only if different from default \"/etx/nginx/nginx.conf\"" type: "string" env: + description: "Env defines Nginx specific env vars." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -735,13 +941,18 @@ spec: type: "object" type: "array" image: + description: "Image is a container image with Nginx SDK and auto-instrumentation." type: "string" resourceRequirements: + description: "Resources describes the compute resource requirements." properties: claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate." items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -757,6 +968,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -765,71 +977,94 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required." type: "object" type: "object" volumeLimitSize: anyOf: - type: "integer" - type: "string" + description: "VolumeSizeLimit defines size limit for volume used for auto-instrumentation.\nThe default size is 200Mi." pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" nodejs: + description: "NodeJS defines configuration for nodejs auto-instrumentation." properties: env: + description: "Env defines nodejs specific env vars." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -841,13 +1076,18 @@ spec: type: "object" type: "array" image: + description: "Image is a container image with NodeJS SDK and auto-instrumentation." type: "string" resourceRequirements: + description: "Resources describes the compute resource requirements." properties: claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate." items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -863,6 +1103,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -871,17 +1112,21 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required." type: "object" type: "object" volumeLimitSize: anyOf: - type: "integer" - type: "string" + description: "VolumeSizeLimit defines size limit for volume used for auto-instrumentation.\nThe default size is 200Mi." pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" propagators: + description: "Propagators defines inter-process context propagation configuration.\nValues in this list will be set in the OTEL_PROPAGATORS env var.\nEnum=tracecontext;baggage;b3;b3multi;jaeger;xray;ottrace;none" items: + description: "Propagator represents the propagation type." enum: - "tracecontext" - "baggage" @@ -894,61 +1139,82 @@ spec: type: "string" type: "array" python: + description: "Python defines configuration for python auto-instrumentation." properties: env: + description: "Env defines python specific env vars." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -960,13 +1226,18 @@ spec: type: "object" type: "array" image: + description: "Image is a container image with Python SDK and auto-instrumentation." type: "string" resourceRequirements: + description: "Resources describes the compute resource requirements." properties: claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate." items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -982,6 +1253,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -990,29 +1262,37 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required." type: "object" type: "object" volumeLimitSize: anyOf: - type: "integer" - type: "string" + description: "VolumeSizeLimit defines size limit for volume used for auto-instrumentation.\nThe default size is 200Mi." pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" resource: + description: "Resource defines the configuration for the resource attributes, as defined by the OpenTelemetry specification." properties: addK8sUIDAttributes: + description: "AddK8sUIDAttributes defines whether K8s UID attributes should be collected (e.g. k8s.deployment.uid)." type: "boolean" resourceAttributes: additionalProperties: type: "string" + description: "Attributes defines attributes that are added to the resource.\nFor example environment: dev" type: "object" type: "object" sampler: + description: "Sampler defines sampling configuration." properties: argument: + description: "Argument defines sampler argument.\nThe value depends on the sampler type.\nFor instance for parentbased_traceidratio sampler type it is a number in range [0..1] e.g. 0.25." type: "string" type: + description: "Type defines sampler type.\nThe value will be set in the OTEL_TRACES_SAMPLER env var.\nThe value can be for instance parentbased_always_on, parentbased_always_off, parentbased_traceidratio..." enum: - "always_on" - "always_off" @@ -1026,6 +1306,7 @@ spec: type: "object" type: "object" status: + description: "InstrumentationStatus defines status of the instrumentation." type: "object" type: "object" served: true diff --git a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opampbridges.yaml b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opampbridges.yaml index 04528d3ff..db97c4357 100644 --- a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opampbridges.yaml +++ b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opampbridges.yaml @@ -27,32 +27,46 @@ spec: name: "v1alpha1" schema: openAPIV3Schema: + description: "OpAMPBridge is the Schema for the opampbridges API." properties: apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values." type: "string" kind: + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase." type: "string" metadata: type: "object" spec: + description: "OpAMPBridgeSpec defines the desired state of OpAMPBridge." properties: affinity: + description: "If specified, indicates the pod's scheduling constraints" properties: nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions." items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: + description: "A node selector term, associated with the corresponding weight." properties: matchExpressions: + description: "A list of node selector requirements by node's labels." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -62,13 +76,18 @@ spec: type: "object" type: "array" matchFields: + description: "A list of node selector requirements by node's fields." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -80,6 +99,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" type: "integer" required: @@ -88,18 +108,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node." properties: nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: + description: "A list of node selector requirements by node's labels." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -109,13 +137,18 @@ spec: type: "object" type: "array" matchFields: + description: "A list of node selector requirements by node's fields." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -133,22 +166,32 @@ spec: x-kubernetes-map-type: "atomic" type: "object" podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions." items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -160,29 +203,38 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -194,19 +246,23 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose " type: "string" required: - "topologyKey" type: "object" weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -215,18 +271,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node." items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-locate" properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -238,29 +302,38 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -272,14 +345,17 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose " type: "string" required: - "topologyKey" @@ -287,22 +363,32 @@ spec: type: "array" type: "object" podAntiAffinity: + description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions." items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -314,29 +400,38 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -348,19 +443,23 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose " type: "string" required: - "topologyKey" type: "object" weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -369,18 +468,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node." items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-locate" properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -392,29 +499,38 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -426,14 +542,17 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose " type: "string" required: - "topologyKey" @@ -444,69 +563,92 @@ spec: capabilities: additionalProperties: type: "boolean" + description: "Capabilities supported by the OpAMP Bridge" type: "object" componentsAllowed: additionalProperties: items: type: "string" type: "array" + description: "ComponentsAllowed is a list of allowed OpenTelemetry components for each pipeline type (receiver, processor, etc.)" type: "object" endpoint: + description: "OpAMP backend Server endpoint" type: "string" env: + description: "ENV vars to set on the OpAMPBridge Pods." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -518,23 +660,32 @@ spec: type: "object" type: "array" envFrom: + description: "List of sources to populate environment variables on the OpAMPBridge Pods." items: + description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: + description: "The ConfigMap to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" x-kubernetes-map-type: "atomic" prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: + description: "The Secret to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret must be defined" type: "boolean" type: "object" x-kubernetes-map-type: "atomic" @@ -543,67 +694,92 @@ spec: headers: additionalProperties: type: "string" + description: "Headers is an optional map of headers to use when connecting to the OpAMP Server,\ntypically used to set access tokens or other authorization headers." type: "object" hostNetwork: + description: "HostNetwork indicates if the pod should run in the host networking namespace." type: "boolean" image: + description: "Image indicates the container image to use for the OpAMPBridge." type: "string" imagePullPolicy: + description: "ImagePullPolicy indicates the pull policy to be used for retrieving the container image (Always, Never, IfNotPresent)" type: "string" nodeSelector: additionalProperties: type: "string" + description: "NodeSelector to schedule OpAMPBridge pods." type: "object" podAnnotations: additionalProperties: type: "string" + description: "PodAnnotations is the set of annotations that will be attached to\nOpAMPBridge pods." type: "object" podSecurityContext: + description: "PodSecurityContext will be set as the pod security context." properties: fsGroup: + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1." format: "int64" type: "integer" fsGroupChangePolicy: + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod." type: "string" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work." type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used." type: "string" required: - "type" type: "object" supplementalGroups: + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for th" items: format: "int64" type: "integer" type: "array" sysctls: + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os." items: + description: "Sysctl defines a kernel parameter to be set" properties: name: + description: "Name of a property to set" type: "string" value: + description: "Value of a property to set" type: "string" required: - "name" @@ -611,37 +787,50 @@ spec: type: "object" type: "array" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container." type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext." type: "string" type: "object" type: "object" ports: + description: "Ports allows a set of ports to be exposed by the underlying v1.Service." items: + description: "ServicePort contains information on service's port." properties: appProtocol: + description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax." type: "string" name: + description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names." type: "string" nodePort: + description: "The port on each node on which this service is exposed when type is\nNodePort or LoadBalancer. Usually assigned by the system." format: "int32" type: "integer" port: + description: "The port that will be exposed by this service." format: "int32" type: "integer" protocol: default: "TCP" + description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\".\nDefault is TCP." type: "string" targetPort: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the pods targeted by the service.\nNumber must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -649,17 +838,23 @@ spec: type: "array" x-kubernetes-list-type: "atomic" priorityClassName: + description: "If specified, indicates the pod's priority.\nIf not specified, the pod priority will be default or zero if there is no\ndefault." type: "string" replicas: + description: "Replicas is the number of pod instances for the OpAMPBridge." format: "int32" maximum: 1.0 type: "integer" resources: + description: "Resources to set on the OpAMPBridge pods." properties: claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate." items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -675,6 +870,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -683,100 +879,143 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required." type: "object" type: "object" securityContext: + description: "SecurityContext will be set as the container security context." properties: allowPrivilegeEscalation: + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process." type: "boolean" capabilities: + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: + description: "Added capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: + description: "Removed capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths." type: "string" readOnlyRootFilesystem: + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options." properties: localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work." type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used." type: "string" required: - "type" type: "object" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container." type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext." type: "string" type: "object" type: "object" serviceAccount: + description: "ServiceAccount indicates the name of an existing service account to use with this instance. When set,\nthe operator will not automatically create a ServiceAccount for the OpAMPBridge." type: "string" tolerations: + description: "Toleration to schedule OpAMPBridge pods." items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal." type: "string" tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint." format: "int64" type: "integer" value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" topologySpreadConstraints: + description: "TopologySpreadConstraints embedded kubernetes pod configuration option,\ncontrols how pods are spread across your cluster among failure-domains\nsuch as regions, zones, nodes, and other user-defined top" items: + description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -788,27 +1027,35 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: + description: "MaxSkew describes the degree to which pods may be unevenly distributed." format: "int32" type: "integer" minDomains: + description: "MinDomains indicates a minimum number of eligible domains." format: "int32" type: "integer" nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew." type: "string" nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew." type: "string" topologyKey: + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology." type: "string" whenUnsatisfiable: + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it." type: "string" required: - "maxSkew" @@ -817,24 +1064,33 @@ spec: type: "object" type: "array" upgradeStrategy: + description: "UpgradeStrategy represents how the operator will handle upgrades to the CR when a newer version of the operator is deployed" enum: - "automatic" - "none" type: "string" volumeMounts: + description: "VolumeMounts represents the mount points to use in the underlying OpAMPBridge deployment(s)" items: + description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: + description: "This must match the Name of a Volume." type: "string" readOnly: + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: + description: "Expanded path within the volume from which the container's volume should be mounted." type: "string" required: - "mountPath" @@ -843,106 +1099,145 @@ spec: type: "array" x-kubernetes-list-type: "atomic" volumes: + description: "Volumes represents which volumes to use in the underlying OpAMPBridge deployment(s)." items: + description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes." properties: fsType: + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\"." type: "string" partition: + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\"." format: "int32" type: "integer" readOnly: + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" type: "object" azureDisk: + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." properties: cachingMode: + description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." type: "string" diskName: + description: "diskName is the Name of the data disk in the blob storage" type: "string" diskURI: + description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: + description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set)." type: "string" readOnly: + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" - "diskURI" type: "object" azureFile: + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: + description: "secretName is the name of secret that contains Azure Storage Account Name and Key" type: "string" shareName: + description: "shareName is the azure share Name" type: "string" required: - "secretName" - "shareName" type: "object" cephfs: + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" path: + description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeID: + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" type: "object" configMap: + description: "configMap represents a configMap that should populate this volume" properties: defaultMode: + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" items: + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value." items: + description: "Maps a string key to a path within a volume." properties: key: + description: "key is the key to project." type: "string" mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -950,66 +1245,88 @@ spec: type: "object" type: "array" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" x-kubernetes-map-type: "atomic" csi: + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" readOnly: + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" type: "object" downwardAPI: + description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default." format: "int32" type: "integer" items: + description: "Items is a list of downward API volume file" items: + description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: + description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" mode: + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" path: + description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" @@ -1021,21 +1338,27 @@ spec: type: "array" type: "object" emptyDir: + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory." type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium." pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: + description: "ephemeral represents a volume that is handled by a cluster storage driver." properties: volumeClaimTemplate: + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e." properties: metadata: + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." properties: annotations: additionalProperties: @@ -1055,18 +1378,24 @@ spec: type: "string" type: "object" spec: + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate." properties: accessModes: + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s." properties: apiGroup: + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: + description: "Kind is the type of resource being referenced" type: "string" name: + description: "Name is the name of resource being referenced" type: "string" required: - "kind" @@ -1074,20 +1403,26 @@ spec: type: "object" x-kubernetes-map-type: "atomic" dataSourceRef: + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired." properties: apiGroup: + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: + description: "Kind is the type of resource being referenced" type: "string" name: + description: "Name is the name of resource being referenced" type: "string" namespace: + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s." type: "string" required: - "kind" - "name" type: "object" resources: + description: "resources represents the minimum resources the volume should have." properties: limits: additionalProperties: @@ -1096,6 +1431,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1104,18 +1440,25 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required." type: "object" type: "object" selector: + description: "selector is a label query over volumes to consider for binding." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -1127,16 +1470,21 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" storageClassName: + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim." type: "string" volumeMode: + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: + description: "volumeName is the binding reference to the PersistentVolume backing this claim." type: "string" type: "object" required: @@ -1144,38 +1492,51 @@ spec: type: "object" type: "object" fc: + description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" lun: + description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: + description: "targetWWNs is Optional: FC target worldwide names (WWNs)" items: type: "string" type: "array" wwids: + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." properties: driver: + description: "driver is the name of the driver to use for this volume." type: "string" fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: type: "string" + description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1183,88 +1544,120 @@ spec: - "driver" type: "object" flocker: + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: + description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes." properties: fsType: + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\"." type: "string" partition: + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\"." format: "int32" type: "integer" pdName: + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: + description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated." properties: directory: + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository." type: "string" repository: + description: "repository is the URL" type: "string" revision: + description: "revision is the commit hash for the specified revision." type: "string" required: - "repository" type: "object" glusterfs: + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container." properties: path: + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: + description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" type: "boolean" chapAuthSession: + description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\"." type: "string" initiatorName: + description: "initiatorName is the custom iSCSI Initiator Name." type: "string" iqn: + description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: + description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: + description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" targetPortal: + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -1272,68 +1665,94 @@ spec: - "targetPortal" type: "object" name: + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes." properties: claimName: + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" type: "object" photonPersistentDisk: + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: + description: "pdID is the ID that identifies Photon Controller persistent disk" type: "string" required: - "pdID" type: "object" portworxVolume: + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: + description: "volumeID uniquely identifies a Portworx volume" type: "string" required: - "volumeID" type: "object" projected: + description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" sources: + description: "sources is the list of volume projections" items: + description: "Projection that may be projected along with other supported volume types" properties: clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate." properties: labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\"." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -1345,31 +1764,42 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." type: "string" optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist." type: "boolean" path: + description: "Relative path from the volume root to write the bundle." type: "string" signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." type: "string" required: - "path" type: "object" configMap: + description: "configMap information about the configMap data to project" properties: items: + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value." items: + description: "Maps a string key to a path within a volume." properties: key: + description: "key is the key to project." type: "string" mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -1377,42 +1807,56 @@ spec: type: "object" type: "array" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" x-kubernetes-map-type: "atomic" downwardAPI: + description: "downwardAPI information about the downwardAPI data to project" properties: items: + description: "Items is a list of DownwardAPIVolume file" items: + description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: + description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" mode: + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" path: + description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" @@ -1424,16 +1868,22 @@ spec: type: "array" type: "object" secret: + description: "secret information about the secret data to project" properties: items: + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value." items: + description: "Maps a string key to a path within a volume." properties: key: + description: "key is the key to project." type: "string" mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -1441,19 +1891,25 @@ spec: type: "object" type: "array" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" x-kubernetes-map-type: "atomic" serviceAccountToken: + description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token." type: "string" expirationSeconds: + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token." format: "int64" type: "integer" path: + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -1462,76 +1918,105 @@ spec: type: "array" type: "object" quobyte: + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: + description: "volume is a string that references an already created Quobyte volume by name." type: "string" required: - "registry" - "volume" type: "object" rbd: + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\"." type: "string" image: + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" - "monitors" type: "object" scaleIO: + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: + description: "gateway is the host address of the ScaleIO API Gateway." type: "string" protectionDomain: + description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" sslEnabled: + description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: + description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." type: "string" system: + description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -1539,19 +2024,26 @@ spec: - "system" type: "object" secret: + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" items: + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value." items: + description: "Maps a string key to a path within a volume." properties: key: + description: "key is the key to project." type: "string" mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -1559,36 +2051,50 @@ spec: type: "object" type: "array" optional: + description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeName: + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used." type: "string" type: "object" vsphereVolume: + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: + description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." type: "string" storagePolicyName: + description: "storagePolicyName is the storage Policy Based Management (SPBM) profile name." type: "string" volumePath: + description: "volumePath is the path that identifies vSphere volume vmdk" type: "string" required: - "volumePath" @@ -1603,8 +2109,10 @@ spec: - "endpoint" type: "object" status: + description: "OpAMPBridgeStatus defines the observed state of OpAMPBridge." properties: version: + description: "Version of the managed OpAMP Bridge (operand)" type: "string" type: "object" type: "object" diff --git a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opentelemetrycollectors.yaml b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opentelemetrycollectors.yaml index a2d7640aa..98808ae7a 100644 --- a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opentelemetrycollectors.yaml +++ b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opentelemetrycollectors.yaml @@ -38,85 +38,111 @@ spec: jsonPath: ".spec.managementState" name: "Management" type: "string" - deprecated: true - deprecationWarning: "OpenTelemetryCollector v1alpha1 is deprecated. Migrate to v1beta1." name: "v1alpha1" schema: openAPIV3Schema: + description: "OpenTelemetryCollector is the Schema for the opentelemetrycollectors API." properties: apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values." type: "string" kind: + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase." type: "string" metadata: type: "object" spec: + description: "OpenTelemetryCollectorSpec defines the desired state of OpenTelemetryCollector." properties: additionalContainers: + description: "AdditionalContainers allows injecting additional containers into the Collector's pod definition." items: + description: "A single application container that you want to run within a pod." properties: args: + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment." items: type: "string" type: "array" command: + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment." items: type: "string" type: "array" env: + description: "List of environment variables to set in the container.\nCannot be updated." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -128,53 +154,74 @@ spec: type: "object" type: "array" envFrom: + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER." items: + description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: + description: "The ConfigMap to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" x-kubernetes-map-type: "atomic" prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: + description: "The Secret to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret must be defined" type: "boolean" type: "object" x-kubernetes-map-type: "atomic" type: "object" type: "array" image: + description: "Container image name.\nMore info: https://kubernetes." type: "string" imagePullPolicy: + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes." type: "string" lifecycle: + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy." properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -182,57 +229,74 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." properties: seconds: + description: "Seconds is the number of seconds to sleep." format: "int64" type: "integer" required: - "seconds" type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc." properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -240,33 +304,41 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." properties: seconds: + description: "Seconds is the number of seconds to sleep." format: "int64" type: "integer" required: - "seconds" type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -274,37 +346,50 @@ spec: type: "object" type: "object" livenessProbe: + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: + description: "GRPC specifies an action involving a GRPC port." properties: port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md)." type: "string" required: - "port" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -312,62 +397,81 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure." format: "int64" type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0." items: + description: "ContainerPort represents a network port in a single container." properties: containerPort: + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: + description: "What host IP to bind the external port to." type: "string" hostPort: + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -378,37 +482,50 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes." properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: + description: "GRPC specifies an action involving a GRPC port." properties: port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md)." type: "string" required: - "port" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -416,51 +533,66 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure." format: "int64" type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" resizePolicy: + description: "Resources resize policy for the container." items: + description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -469,11 +601,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate." items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -489,6 +625,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -497,103 +634,144 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required." type: "object" type: "object" restartPolicy: + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\"." type: "string" securityContext: + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext." properties: allowPrivilegeEscalation: + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process." type: "boolean" capabilities: + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: + description: "Added capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: + description: "Removed capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths." type: "string" readOnlyRootFilesystem: + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options." properties: localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work." type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used." type: "string" required: - "type" type: "object" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container." type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext." type: "string" type: "object" type: "object" startupProbe: + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully." properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: + description: "GRPC specifies an action involving a GRPC port." properties: port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md)." type: "string" required: - "port" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -601,61 +779,81 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure." format: "int64" type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions." type: "boolean" terminationMessagePath: + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem." type: "string" terminationMessagePolicy: + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure." type: "string" tty: + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: + description: "volumeDevices is the list of block devices to be used by the container." items: + description: "volumeDevice describes a mapping of a raw block device within a container." properties: devicePath: + description: "devicePath is the path inside of the container that the device will be mapped to." type: "string" name: + description: "name must match the name of a persistentVolumeClaim in the pod" type: "string" required: - "devicePath" @@ -663,19 +861,27 @@ spec: type: "object" type: "array" volumeMounts: + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: + description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: + description: "This must match the Name of a Volume." type: "string" readOnly: + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: + description: "Expanded path within the volume from which the container's volume should be mounted." type: "string" required: - "mountPath" @@ -683,28 +889,39 @@ spec: type: "object" type: "array" workingDir: + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" type: "object" type: "array" affinity: + description: "If specified, indicates the pod's scheduling constraints" properties: nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions." items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: + description: "A node selector term, associated with the corresponding weight." properties: matchExpressions: + description: "A list of node selector requirements by node's labels." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -714,13 +931,18 @@ spec: type: "object" type: "array" matchFields: + description: "A list of node selector requirements by node's fields." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -732,6 +954,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" type: "integer" required: @@ -740,18 +963,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node." properties: nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: + description: "A list of node selector requirements by node's labels." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -761,13 +992,18 @@ spec: type: "object" type: "array" matchFields: + description: "A list of node selector requirements by node's fields." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -785,22 +1021,32 @@ spec: x-kubernetes-map-type: "atomic" type: "object" podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions." items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -812,29 +1058,38 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -846,19 +1101,23 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose " type: "string" required: - "topologyKey" type: "object" weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -867,18 +1126,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node." items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-locate" properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -890,29 +1157,38 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -924,14 +1200,17 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose " type: "string" required: - "topologyKey" @@ -939,22 +1218,32 @@ spec: type: "array" type: "object" podAntiAffinity: + description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions." items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -966,29 +1255,38 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -1000,19 +1298,23 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose " type: "string" required: - "topologyKey" type: "object" weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -1021,18 +1323,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node." items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-locate" properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -1044,29 +1354,38 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -1078,14 +1397,17 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose " type: "string" required: - "topologyKey" @@ -1096,22 +1418,31 @@ spec: args: additionalProperties: type: "string" + description: "Args is the set of arguments to pass to the OpenTelemetry Collector binary" type: "object" autoscaler: + description: "Autoscaler specifies the pod autoscaling configuration to use\nfor the OpenTelemetryCollector workload." properties: behavior: + description: "HorizontalPodAutoscalerBehavior configures the scaling behavior of the target\nin both Up and Down directions (scaleUp and scaleDown fields respectively)." properties: scaleDown: + description: "scaleDown is scaling policy for scaling Down.\nIf not set, the default value is to allow to scale down to minReplicas pods, with a\n300 second stabilization window (i.e." properties: policies: + description: "policies is a list of potential scaling polices which can be used during scaling.\nAt least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid" items: + description: "HPAScalingPolicy is a single policy which must hold true for a specified past interval." properties: periodSeconds: + description: "periodSeconds specifies the window of time for which the policy should hold true.\nPeriodSeconds must be greater than zero and less than or equal to 1800 (30 min)." format: "int32" type: "integer" type: + description: "type is used to specify the scaling policy." type: "string" value: + description: "value contains the amount of change which is permitted by the policy.\nIt must be greater than zero" format: "int32" type: "integer" required: @@ -1122,22 +1453,30 @@ spec: type: "array" x-kubernetes-list-type: "atomic" selectPolicy: + description: "selectPolicy is used to specify which policy should be used.\nIf not set, the default value Max is used." type: "string" stabilizationWindowSeconds: + description: "stabilizationWindowSeconds is the number of seconds for which past recommendations should be\nconsidered while scaling up or scaling down." format: "int32" type: "integer" type: "object" scaleUp: + description: "scaleUp is scaling policy for scaling Up." properties: policies: + description: "policies is a list of potential scaling polices which can be used during scaling.\nAt least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid" items: + description: "HPAScalingPolicy is a single policy which must hold true for a specified past interval." properties: periodSeconds: + description: "periodSeconds specifies the window of time for which the policy should hold true.\nPeriodSeconds must be greater than zero and less than or equal to 1800 (30 min)." format: "int32" type: "integer" type: + description: "type is used to specify the scaling policy." type: "string" value: + description: "value contains the amount of change which is permitted by the policy.\nIt must be greater than zero" format: "int32" type: "integer" required: @@ -1148,34 +1487,48 @@ spec: type: "array" x-kubernetes-list-type: "atomic" selectPolicy: + description: "selectPolicy is used to specify which policy should be used.\nIf not set, the default value Max is used." type: "string" stabilizationWindowSeconds: + description: "stabilizationWindowSeconds is the number of seconds for which past recommendations should be\nconsidered while scaling up or scaling down." format: "int32" type: "integer" type: "object" type: "object" maxReplicas: + description: "MaxReplicas sets an upper bound to the autoscaling feature. If MaxReplicas is set autoscaling is enabled." format: "int32" type: "integer" metrics: + description: "Metrics is meant to provide a customizable way to configure HPA metrics.\ncurrently the only supported custom metrics is type=Pod." items: + description: "MetricSpec defines a subset of metrics to be defined for the HPA's metric array\nmore metric type can be supported as needed.\nSee https://pkg.go.dev/k8s.io/api/autoscaling/v2#MetricSpec for reference." properties: pods: + description: "PodsMetricSource indicates how to scale on a metric describing each pod in\nthe current scale target (for example, transactions-processed-per-second)." properties: metric: + description: "metric identifies the target metric by name and selector" properties: name: + description: "name is the name of the given metric" type: "string" selector: + description: "selector is the string-encoded form of a standard kubernetes label selector for the given metric\nWhen set, it is passed as an additional parameter to the metrics server for more specific metrics scopi" properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -1187,6 +1540,7 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" @@ -1194,22 +1548,27 @@ spec: - "name" type: "object" target: + description: "target specifies the target value for the given metric" properties: averageUtilization: + description: "averageUtilization is the target value of the average of the\nresource metric across all relevant pods, represented as a percentage of\nthe requested value of the resource for the pods." format: "int32" type: "integer" averageValue: anyOf: - type: "integer" - type: "string" + description: "averageValue is the target value of the average of the\nmetric across all relevant pods (as a quantity)" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: + description: "type represents whether the metric type is Utilization, Value, or AverageValue" type: "string" value: anyOf: - type: "integer" - type: "string" + description: "value is the target value of the metric (as a quantity)." pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true required: @@ -1220,29 +1579,36 @@ spec: - "target" type: "object" type: + description: "MetricSourceType indicates the type of metric." type: "string" required: - "type" type: "object" type: "array" minReplicas: + description: "MinReplicas sets a lower bound to the autoscaling feature. Set this if your are using autoscaling. It must be at least 1" format: "int32" type: "integer" targetCPUUtilization: + description: "TargetCPUUtilization sets the target average CPU used across all replicas.\nIf average CPU exceeds this value, the HPA will scale up. Defaults to 90 percent." format: "int32" type: "integer" targetMemoryUtilization: + description: "TargetMemoryUtilization sets the target average memory utilization across all replicas" format: "int32" type: "integer" type: "object" config: + description: "Config is the raw JSON to be used as the collector's configuration. Refer to the OpenTelemetry Collector documentation for details." type: "string" configmaps: + description: "ConfigMaps is a list of ConfigMaps in the same namespace as the OpenTelemetryCollector\nobject, which shall be mounted into the Collector Pods." items: properties: mountpath: type: "string" name: + description: "Configmap defines name and path where the configMaps should be mounted." type: "string" required: - "mountpath" @@ -1250,77 +1616,102 @@ spec: type: "object" type: "array" deploymentUpdateStrategy: + description: "UpdateStrategy represents the strategy the operator will take replacing existing Deployment pods with new pods\nhttps://kubernetes." properties: rollingUpdate: + description: "Rolling update config params. Present only if DeploymentStrategyType =\nRollingUpdate.\n---\nTODO: Update this to follow our convention for oneOf, whatever we decide it\nto be." properties: maxSurge: anyOf: - type: "integer" - type: "string" + description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%)." x-kubernetes-int-or-string: true maxUnavailable: anyOf: - type: "integer" - type: "string" + description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%)." x-kubernetes-int-or-string: true type: "object" type: + description: "Type of deployment. Can be \"Recreate\" or \"RollingUpdate\". Default is RollingUpdate." type: "string" type: "object" env: + description: "ENV vars to set on the OpenTelemetry Collector's Pods. These can then in certain cases be\nconsumed in the config file for the Collector." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -1332,47 +1723,65 @@ spec: type: "object" type: "array" envFrom: + description: "List of sources to populate environment variables on the OpenTelemetry Collector's Pods.\nThese can then in certain cases be consumed in the config file for the Collector." items: + description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: + description: "The ConfigMap to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" x-kubernetes-map-type: "atomic" prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: + description: "The Secret to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret must be defined" type: "boolean" type: "object" x-kubernetes-map-type: "atomic" type: "object" type: "array" hostNetwork: + description: "HostNetwork indicates if the pod should run in the host networking namespace." type: "boolean" image: + description: "Image indicates the container image to use for the OpenTelemetry Collector." type: "string" imagePullPolicy: + description: "ImagePullPolicy indicates the pull policy to be used for retrieving the container image (Always, Never, IfNotPresent)" type: "string" ingress: + description: "Ingress is used to specify how OpenTelemetry Collector is exposed. This\nfunctionality is only available if one of the valid modes is set.\nValid modes are: deployment, daemonset and statefulset." properties: annotations: additionalProperties: type: "string" + description: "Annotations to add to ingress.\ne.g. 'cert-manager.io/cluster-issuer: \"letsencrypt\"'" type: "object" hostname: + description: "Hostname by which the ingress proxy can be reached." type: "string" ingressClassName: + description: "IngressClassName is the name of an IngressClass cluster resource. Ingress\ncontroller implementations use this field to know whether they should be\nserving this Ingress resource." type: "string" route: + description: "Route is an OpenShift specific section that is only considered when\ntype \"route\" is used." properties: termination: + description: "Termination indicates termination type. By default \"edge\" is used." enum: - "insecure" - "edge" @@ -1381,93 +1790,123 @@ spec: type: "string" type: "object" ruleType: + description: "RuleType defines how Ingress exposes collector receivers.\nIngressRuleTypePath (\"path\") exposes each receiver port on a unique path on single domain defined in Hostname." enum: - "path" - "subdomain" type: "string" tls: + description: "TLS configuration." items: + description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" secretName: + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone." type: "string" type: "object" type: "array" type: + description: "Type default value is: \"\"\nSupported types are: ingress, route" enum: - "ingress" - "route" type: "string" type: "object" initContainers: + description: "InitContainers allows injecting initContainers to the Collector's pod definition." items: + description: "A single application container that you want to run within a pod." properties: args: + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment." items: type: "string" type: "array" command: + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment." items: type: "string" type: "array" env: + description: "List of environment variables to set in the container.\nCannot be updated." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -1479,53 +1918,74 @@ spec: type: "object" type: "array" envFrom: + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER." items: + description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: + description: "The ConfigMap to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" x-kubernetes-map-type: "atomic" prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: + description: "The Secret to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret must be defined" type: "boolean" type: "object" x-kubernetes-map-type: "atomic" type: "object" type: "array" image: + description: "Container image name.\nMore info: https://kubernetes." type: "string" imagePullPolicy: + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes." type: "string" lifecycle: + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy." properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1533,57 +1993,74 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." properties: seconds: + description: "Seconds is the number of seconds to sleep." format: "int64" type: "integer" required: - "seconds" type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc." properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1591,33 +2068,41 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." properties: seconds: + description: "Seconds is the number of seconds to sleep." format: "int64" type: "integer" required: - "seconds" type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -1625,37 +2110,50 @@ spec: type: "object" type: "object" livenessProbe: + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: + description: "GRPC specifies an action involving a GRPC port." properties: port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md)." type: "string" required: - "port" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1663,62 +2161,81 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure." format: "int64" type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0." items: + description: "ContainerPort represents a network port in a single container." properties: containerPort: + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: + description: "What host IP to bind the external port to." type: "string" hostPort: + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -1729,37 +2246,50 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes." properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: + description: "GRPC specifies an action involving a GRPC port." properties: port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md)." type: "string" required: - "port" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1767,51 +2297,66 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure." format: "int64" type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" resizePolicy: + description: "Resources resize policy for the container." items: + description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -1820,11 +2365,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate." items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -1840,6 +2389,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1848,103 +2398,144 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required." type: "object" type: "object" restartPolicy: + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\"." type: "string" securityContext: + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext." properties: allowPrivilegeEscalation: + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process." type: "boolean" capabilities: + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: + description: "Added capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: + description: "Removed capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths." type: "string" readOnlyRootFilesystem: + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options." properties: localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work." type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used." type: "string" required: - "type" type: "object" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container." type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext." type: "string" type: "object" type: "object" startupProbe: + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully." properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: + description: "GRPC specifies an action involving a GRPC port." properties: port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md)." type: "string" required: - "port" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1952,61 +2543,81 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure." format: "int64" type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions." type: "boolean" terminationMessagePath: + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem." type: "string" terminationMessagePolicy: + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure." type: "string" tty: + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: + description: "volumeDevices is the list of block devices to be used by the container." items: + description: "volumeDevice describes a mapping of a raw block device within a container." properties: devicePath: + description: "devicePath is the path inside of the container that the device will be mapped to." type: "string" name: + description: "name must match the name of a persistentVolumeClaim in the pod" type: "string" required: - "devicePath" @@ -2014,19 +2625,27 @@ spec: type: "object" type: "array" volumeMounts: + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: + description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: + description: "This must match the Name of a Volume." type: "string" readOnly: + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: + description: "Expanded path within the volume from which the container's volume should be mounted." type: "string" required: - "mountPath" @@ -2034,32 +2653,43 @@ spec: type: "object" type: "array" workingDir: + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" type: "object" type: "array" lifecycle: + description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." properties: postStart: + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy." properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -2067,57 +2697,74 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." properties: seconds: + description: "Seconds is the number of seconds to sleep." format: "int64" type: "integer" required: - "seconds" type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc." properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -2125,33 +2772,41 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." properties: seconds: + description: "Seconds is the number of seconds to sleep." format: "int64" type: "integer" required: - "seconds" type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -2159,39 +2814,50 @@ spec: type: "object" type: "object" livenessProbe: + description: "Liveness config for the OpenTelemetry Collector except the probe handler which is auto generated from the health extension of the collector." properties: failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nDefaults to 0 seconds. Minimum value is 0.\nMore info: https://kubernetes." format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure." format: "int64" type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" managementState: default: "managed" + description: "ManagementState defines if the CR should be managed by the operator or not.\nDefault is managed." enum: - "managed" - "unmanaged" type: "string" maxReplicas: + description: "MaxReplicas sets an upper bound to the autoscaling feature. If MaxReplicas is set autoscaling is enabled.\nDeprecated: use \"OpenTelemetryCollector.Spec.Autoscaler.MaxReplicas\" instead." format: "int32" type: "integer" minReplicas: + description: "MinReplicas sets a lower bound to the autoscaling feature. Set this if you are using autoscaling. It must be at least 1\nDeprecated: use \"OpenTelemetryCollector.Spec.Autoscaler.MinReplicas\" instead." format: "int32" type: "integer" mode: + description: "Mode represents how the collector should be deployed (deployment, daemonset, statefulset or sidecar)" enum: - "daemonset" - "deployment" @@ -2201,80 +2867,108 @@ spec: nodeSelector: additionalProperties: type: "string" + description: "NodeSelector to schedule OpenTelemetry Collector pods.\nThis is only relevant to daemonset, statefulset, and deployment mode" type: "object" observability: + description: "ObservabilitySpec defines how telemetry data gets handled." properties: metrics: + description: "Metrics defines the metrics configuration for operands." properties: DisablePrometheusAnnotations: + description: "DisablePrometheusAnnotations controls the automatic addition of default Prometheus annotations\n('prometheus.io/scrape', 'prometheus.io/port', and 'prometheus.io/path')" type: "boolean" enableMetrics: + description: "EnableMetrics specifies if ServiceMonitor or PodMonitor(for sidecar mode) should be created for the service managed by the OpenTelemetry Operator.\nThe operator.observability." type: "boolean" type: "object" type: "object" podAnnotations: additionalProperties: type: "string" + description: "PodAnnotations is the set of annotations that will be attached to\nCollector and Target Allocator pods." type: "object" podDisruptionBudget: + description: "PodDisruptionBudget specifies the pod disruption budget configuration to use\nfor the OpenTelemetryCollector workload." properties: maxUnavailable: anyOf: - type: "integer" - type: "string" + description: "An eviction is allowed if at most \"maxUnavailable\" pods selected by\n\"selector\" are unavailable after the eviction, i.e. even in absence of\nthe evicted pod." x-kubernetes-int-or-string: true minAvailable: anyOf: - type: "integer" - type: "string" + description: "An eviction is allowed if at least \"minAvailable\" pods selected by\n\"selector\" will still be available after the eviction, i.e. even in the\nabsence of the evicted pod." x-kubernetes-int-or-string: true type: "object" podSecurityContext: + description: "PodSecurityContext configures the pod security context for the\nopentelemetry-collector pod, when running as a deployment, daemonset,\nor statefulset." properties: fsGroup: + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1." format: "int64" type: "integer" fsGroupChangePolicy: + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod." type: "string" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work." type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used." type: "string" required: - "type" type: "object" supplementalGroups: + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for th" items: format: "int64" type: "integer" type: "array" sysctls: + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os." items: + description: "Sysctl defines a kernel parameter to be set" properties: name: + description: "Name of a property to set" type: "string" value: + description: "Value of a property to set" type: "string" required: - "name" @@ -2282,37 +2976,50 @@ spec: type: "object" type: "array" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container." type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext." type: "string" type: "object" type: "object" ports: + description: "Ports allows a set of ports to be exposed by the underlying v1.Service. By default, the operator\nwill attempt to infer the required ports by parsing the .Spec." items: + description: "ServicePort contains information on service's port." properties: appProtocol: + description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax." type: "string" name: + description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names." type: "string" nodePort: + description: "The port on each node on which this service is exposed when type is\nNodePort or LoadBalancer. Usually assigned by the system." format: "int32" type: "integer" port: + description: "The port that will be exposed by this service." format: "int32" type: "integer" protocol: default: "TCP" + description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\".\nDefault is TCP." type: "string" targetPort: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the pods targeted by the service.\nNumber must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -2320,16 +3027,22 @@ spec: type: "array" x-kubernetes-list-type: "atomic" priorityClassName: + description: "If specified, indicates the pod's priority.\nIf not specified, the pod priority will be default or zero if there is no\ndefault." type: "string" replicas: + description: "Replicas is the number of pod instances for the underlying OpenTelemetry Collector. Set this if your are not using autoscaling" format: "int32" type: "integer" resources: + description: "Resources to set on the OpenTelemetry Collector pods." properties: claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate." items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -2345,6 +3058,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2353,92 +3067,132 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required." type: "object" type: "object" securityContext: + description: "SecurityContext configures the container security context for\nthe opentelemetry-collector container." properties: allowPrivilegeEscalation: + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process." type: "boolean" capabilities: + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: + description: "Added capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: + description: "Removed capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths." type: "string" readOnlyRootFilesystem: + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options." properties: localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work." type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used." type: "string" required: - "type" type: "object" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container." type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext." type: "string" type: "object" type: "object" serviceAccount: + description: "ServiceAccount indicates the name of an existing service account to use with this instance. When set,\nthe operator will not automatically create a ServiceAccount for the collector." type: "string" shareProcessNamespace: + description: "ShareProcessNamespace indicates if the pod's containers should share process namespace." type: "boolean" targetAllocator: + description: "TargetAllocator indicates a value which determines whether to spawn a target allocation resource or not." properties: affinity: + description: "If specified, indicates the pod's scheduling constraints" properties: nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions." items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: + description: "A node selector term, associated with the corresponding weight." properties: matchExpressions: + description: "A list of node selector requirements by node's labels." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -2448,13 +3202,18 @@ spec: type: "object" type: "array" matchFields: + description: "A list of node selector requirements by node's fields." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -2466,6 +3225,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" type: "integer" required: @@ -2474,18 +3234,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node." properties: nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: + description: "A list of node selector requirements by node's labels." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -2495,13 +3263,18 @@ spec: type: "object" type: "array" matchFields: + description: "A list of node selector requirements by node's fields." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -2519,22 +3292,32 @@ spec: x-kubernetes-map-type: "atomic" type: "object" podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions." items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -2546,29 +3329,38 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -2580,19 +3372,23 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose " type: "string" required: - "topologyKey" type: "object" weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -2601,18 +3397,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node." items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-locate" properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -2624,29 +3428,38 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -2658,14 +3471,17 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose " type: "string" required: - "topologyKey" @@ -2673,22 +3489,32 @@ spec: type: "array" type: "object" podAntiAffinity: + description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions." items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -2700,29 +3526,38 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -2734,19 +3569,23 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose " type: "string" required: - "topologyKey" type: "object" weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -2755,18 +3594,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node." items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-locate" properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -2778,29 +3625,38 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -2812,14 +3668,17 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose " type: "string" required: - "topologyKey" @@ -2829,67 +3688,89 @@ spec: type: "object" allocationStrategy: default: "consistent-hashing" + description: "AllocationStrategy determines which strategy the target allocator should use for allocation.\nThe current options are least-weighted, consistent-hashing and per-node. The default is\nconsistent-hashing." enum: - "least-weighted" - "consistent-hashing" - "per-node" type: "string" enabled: + description: "Enabled indicates whether to use a target allocation mechanism for Prometheus targets or not." type: "boolean" env: + description: "ENV vars to set on the OpenTelemetry TargetAllocator's Pods. These can then in certain cases be\nconsumed in the config file for the TargetAllocator." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -2902,82 +3783,111 @@ spec: type: "array" filterStrategy: default: "relabel-config" + description: "FilterStrategy determines how to filter targets before allocating them among the collectors.\nThe only current option is relabel-config (drops targets based on prom relabel_config)." type: "string" image: + description: "Image indicates the container image to use for the OpenTelemetry TargetAllocator." type: "string" nodeSelector: additionalProperties: type: "string" + description: "NodeSelector to schedule OpenTelemetry TargetAllocator pods." type: "object" observability: + description: "ObservabilitySpec defines how telemetry data gets handled." properties: metrics: + description: "Metrics defines the metrics configuration for operands." properties: DisablePrometheusAnnotations: + description: "DisablePrometheusAnnotations controls the automatic addition of default Prometheus annotations\n('prometheus.io/scrape', 'prometheus.io/port', and 'prometheus.io/path')" type: "boolean" enableMetrics: + description: "EnableMetrics specifies if ServiceMonitor or PodMonitor(for sidecar mode) should be created for the service managed by the OpenTelemetry Operator.\nThe operator.observability." type: "boolean" type: "object" type: "object" podDisruptionBudget: + description: "PodDisruptionBudget specifies the pod disruption budget configuration to use\nfor the target allocator workload." properties: maxUnavailable: anyOf: - type: "integer" - type: "string" + description: "An eviction is allowed if at most \"maxUnavailable\" pods selected by\n\"selector\" are unavailable after the eviction, i.e. even in absence of\nthe evicted pod." x-kubernetes-int-or-string: true minAvailable: anyOf: - type: "integer" - type: "string" + description: "An eviction is allowed if at least \"minAvailable\" pods selected by\n\"selector\" will still be available after the eviction, i.e. even in the\nabsence of the evicted pod." x-kubernetes-int-or-string: true type: "object" podSecurityContext: + description: "PodSecurityContext configures the pod security context for the\ntargetallocator." properties: fsGroup: + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1." format: "int64" type: "integer" fsGroupChangePolicy: + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod." type: "string" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work." type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used." type: "string" required: - "type" type: "object" supplementalGroups: + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for th" items: format: "int64" type: "integer" type: "array" sysctls: + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os." items: + description: "Sysctl defines a kernel parameter to be set" properties: name: + description: "Name of a property to set" type: "string" value: + description: "Value of a property to set" type: "string" required: - "name" @@ -2985,43 +3895,58 @@ spec: type: "object" type: "array" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container." type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext." type: "string" type: "object" type: "object" prometheusCR: + description: "PrometheusCR defines the configuration for the retrieval of PrometheusOperator CRDs ( servicemonitor.monitoring.coreos.com/v1 and podmonitor.monitoring.coreos.com/v1 ) retrieval." properties: enabled: + description: "Enabled indicates whether to use a PrometheusOperator custom resources as targets or not." type: "boolean" podMonitorSelector: additionalProperties: type: "string" + description: "PodMonitors to be selected for target discovery.\nThis is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a\nPodMonitor's meta labels." type: "object" scrapeInterval: default: "30s" + description: "Interval between consecutive scrapes. Equivalent to the same setting on the Prometheus CRD.\n\n\nDefault: \"30s\"" format: "duration" type: "string" serviceMonitorSelector: additionalProperties: type: "string" + description: "ServiceMonitors to be selected for target discovery.\nThis is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a\nServiceMonitor's meta labels." type: "object" type: "object" replicas: + description: "Replicas is the number of pod instances for the underlying TargetAllocator. This should only be set to a value\nother than 1 if a strategy that allows for high availability is chosen." format: "int32" type: "integer" resources: + description: "Resources to set on the OpenTelemetryTargetAllocator containers." properties: claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate." items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -3037,6 +3962,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3045,100 +3971,143 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required." type: "object" type: "object" securityContext: + description: "SecurityContext configures the container security context for\nthe targetallocator." properties: allowPrivilegeEscalation: + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process." type: "boolean" capabilities: + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: + description: "Added capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: + description: "Removed capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths." type: "string" readOnlyRootFilesystem: + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options." properties: localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work." type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used." type: "string" required: - "type" type: "object" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container." type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext." type: "string" type: "object" type: "object" serviceAccount: + description: "ServiceAccount indicates the name of an existing service account to use with this instance. When set,\nthe operator will not automatically create a ServiceAccount for the TargetAllocator." type: "string" tolerations: + description: "Toleration embedded kubernetes pod configuration option,\ncontrols how pods can be scheduled with matching taints" items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal." type: "string" tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint." format: "int64" type: "integer" value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" topologySpreadConstraints: + description: "TopologySpreadConstraints embedded kubernetes pod configuration option,\ncontrols how pods are spread across your cluster among failure-domains\nsuch as regions, zones, nodes, and other user-defined top" items: + description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -3150,27 +4119,35 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: + description: "MaxSkew describes the degree to which pods may be unevenly distributed." format: "int32" type: "integer" minDomains: + description: "MinDomains indicates a minimum number of eligible domains." format: "int32" type: "integer" nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew." type: "string" nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew." type: "string" topologyKey: + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology." type: "string" whenUnsatisfiable: + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it." type: "string" required: - "maxSkew" @@ -3180,37 +4157,53 @@ spec: type: "array" type: "object" terminationGracePeriodSeconds: + description: "Duration in seconds the pod needs to terminate gracefully upon probe failure." format: "int64" type: "integer" tolerations: + description: "Toleration to schedule OpenTelemetry Collector pods.\nThis is only relevant to daemonset, statefulset, and deployment mode" items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal." type: "string" tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint." format: "int64" type: "integer" value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" topologySpreadConstraints: + description: "TopologySpreadConstraints embedded kubernetes pod configuration option,\ncontrols how pods are spread across your cluster among failure-domains\nsuch as regions, zones, nodes, and other user-defined top" items: + description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -3222,27 +4215,35 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: + description: "MaxSkew describes the degree to which pods may be unevenly distributed." format: "int32" type: "integer" minDomains: + description: "MinDomains indicates a minimum number of eligible domains." format: "int32" type: "integer" nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew." type: "string" nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew." type: "string" topologyKey: + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology." type: "string" whenUnsatisfiable: + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it." type: "string" required: - "maxSkew" @@ -3251,36 +4252,47 @@ spec: type: "object" type: "array" updateStrategy: + description: "UpdateStrategy represents the strategy the operator will take replacing existing DaemonSet pods with new pods\nhttps://kubernetes." properties: rollingUpdate: + description: "Rolling update config params. Present only if type = \"RollingUpdate\".\n---\nTODO: Update this to follow our convention for oneOf, whatever we decide it\nto be. Same as Deployment `strategy." properties: maxSurge: anyOf: - type: "integer" - type: "string" + description: "The maximum number of nodes with an existing available DaemonSet pod that\ncan have an updated DaemonSet pod during during an update." x-kubernetes-int-or-string: true maxUnavailable: anyOf: - type: "integer" - type: "string" + description: "The maximum number of DaemonSet pods that can be unavailable during the\nupdate." x-kubernetes-int-or-string: true type: "object" type: + description: "Type of daemon set update. Can be \"RollingUpdate\" or \"OnDelete\". Default is RollingUpdate." type: "string" type: "object" upgradeStrategy: + description: "UpgradeStrategy represents how the operator will handle upgrades to the CR when a newer version of the operator is deployed" enum: - "automatic" - "none" type: "string" volumeClaimTemplates: + description: "VolumeClaimTemplates will provide stable storage using PersistentVolumes. Only available when the mode=statefulset." items: + description: "PersistentVolumeClaim is a user's request for and claim to a persistent volume" properties: apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values." type: "string" kind: + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase." type: "string" metadata: + description: "Standard object's metadata.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" properties: annotations: additionalProperties: @@ -3300,18 +4312,24 @@ spec: type: "string" type: "object" spec: + description: "spec defines the desired characteristics of a volume requested by a pod author.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: accessModes: + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s." properties: apiGroup: + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: + description: "Kind is the type of resource being referenced" type: "string" name: + description: "Name is the name of resource being referenced" type: "string" required: - "kind" @@ -3319,20 +4337,26 @@ spec: type: "object" x-kubernetes-map-type: "atomic" dataSourceRef: + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired." properties: apiGroup: + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: + description: "Kind is the type of resource being referenced" type: "string" name: + description: "Name is the name of resource being referenced" type: "string" namespace: + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s." type: "string" required: - "kind" - "name" type: "object" resources: + description: "resources represents the minimum resources the volume should have." properties: limits: additionalProperties: @@ -3341,6 +4365,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3349,18 +4374,25 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required." type: "object" type: "object" selector: + description: "selector is a label query over volumes to consider for binding." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -3372,27 +4404,36 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" storageClassName: + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim." type: "string" volumeMode: + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: + description: "volumeName is the binding reference to the PersistentVolume backing this claim." type: "string" type: "object" status: + description: "status represents the current information/status of a persistent volume claim.\nRead-only.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: accessModes: + description: "accessModes contains the actual access modes the volume backing the PVC has.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" allocatedResourceStatuses: additionalProperties: + description: "When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource\nthat it does not recognizes, then it should ignore that update and let other controllers\nhandle it." type: "string" + description: "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax." type: "object" x-kubernetes-map-type: "granular" allocatedResources: @@ -3402,6 +4443,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax." type: "object" capacity: additionalProperties: @@ -3410,23 +4452,31 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "capacity represents the actual resources of the underlying volume." type: "object" conditions: + description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being\nresized then the Condition will be set to 'ResizeStarted'." items: + description: "PersistentVolumeClaimCondition contains details about state of pvc" properties: lastProbeTime: + description: "lastProbeTime is the time we probed the condition." format: "date-time" type: "string" lastTransitionTime: + description: "lastTransitionTime is the time the condition transitioned from one status to another." format: "date-time" type: "string" message: + description: "message is the human-readable message indicating details about last transition." type: "string" reason: + description: "reason is a unique, this should be a short, machine understandable string that gives the reason\nfor condition's last transition." type: "string" status: type: "string" type: + description: "PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type" type: "string" required: - "status" @@ -3434,36 +4484,49 @@ spec: type: "object" type: "array" currentVolumeAttributesClassName: + description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using." type: "string" modifyVolumeStatus: + description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted." properties: status: + description: "status is the status of the ControllerModifyVolume operation." type: "string" targetVolumeAttributesClassName: + description: "targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled" type: "string" required: - "status" type: "object" phase: + description: "phase represents the current phase of PersistentVolumeClaim." type: "string" type: "object" type: "object" type: "array" x-kubernetes-list-type: "atomic" volumeMounts: + description: "VolumeMounts represents the mount points to use in the underlying collector deployment(s)" items: + description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: + description: "This must match the Name of a Volume." type: "string" readOnly: + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: + description: "Expanded path within the volume from which the container's volume should be mounted." type: "string" required: - "mountPath" @@ -3472,106 +4535,145 @@ spec: type: "array" x-kubernetes-list-type: "atomic" volumes: + description: "Volumes represents which volumes to use in the underlying collector deployment(s)." items: + description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes." properties: fsType: + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\"." type: "string" partition: + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\"." format: "int32" type: "integer" readOnly: + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" type: "object" azureDisk: + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." properties: cachingMode: + description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." type: "string" diskName: + description: "diskName is the Name of the data disk in the blob storage" type: "string" diskURI: + description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: + description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set)." type: "string" readOnly: + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" - "diskURI" type: "object" azureFile: + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: + description: "secretName is the name of secret that contains Azure Storage Account Name and Key" type: "string" shareName: + description: "shareName is the azure share Name" type: "string" required: - "secretName" - "shareName" type: "object" cephfs: + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" path: + description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeID: + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" type: "object" configMap: + description: "configMap represents a configMap that should populate this volume" properties: defaultMode: + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" items: + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value." items: + description: "Maps a string key to a path within a volume." properties: key: + description: "key is the key to project." type: "string" mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3579,66 +4681,88 @@ spec: type: "object" type: "array" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" x-kubernetes-map-type: "atomic" csi: + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" readOnly: + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" type: "object" downwardAPI: + description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default." format: "int32" type: "integer" items: + description: "Items is a list of downward API volume file" items: + description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: + description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" mode: + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" path: + description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" @@ -3650,21 +4774,27 @@ spec: type: "array" type: "object" emptyDir: + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory." type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium." pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: + description: "ephemeral represents a volume that is handled by a cluster storage driver." properties: volumeClaimTemplate: + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e." properties: metadata: + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." properties: annotations: additionalProperties: @@ -3684,18 +4814,24 @@ spec: type: "string" type: "object" spec: + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate." properties: accessModes: + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s." properties: apiGroup: + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: + description: "Kind is the type of resource being referenced" type: "string" name: + description: "Name is the name of resource being referenced" type: "string" required: - "kind" @@ -3703,20 +4839,26 @@ spec: type: "object" x-kubernetes-map-type: "atomic" dataSourceRef: + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired." properties: apiGroup: + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: + description: "Kind is the type of resource being referenced" type: "string" name: + description: "Name is the name of resource being referenced" type: "string" namespace: + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s." type: "string" required: - "kind" - "name" type: "object" resources: + description: "resources represents the minimum resources the volume should have." properties: limits: additionalProperties: @@ -3725,6 +4867,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3733,18 +4876,25 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required." type: "object" type: "object" selector: + description: "selector is a label query over volumes to consider for binding." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -3756,16 +4906,21 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" storageClassName: + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim." type: "string" volumeMode: + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: + description: "volumeName is the binding reference to the PersistentVolume backing this claim." type: "string" type: "object" required: @@ -3773,38 +4928,51 @@ spec: type: "object" type: "object" fc: + description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" lun: + description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: + description: "targetWWNs is Optional: FC target worldwide names (WWNs)" items: type: "string" type: "array" wwids: + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." properties: driver: + description: "driver is the name of the driver to use for this volume." type: "string" fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: type: "string" + description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3812,88 +4980,120 @@ spec: - "driver" type: "object" flocker: + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: + description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes." properties: fsType: + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\"." type: "string" partition: + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\"." format: "int32" type: "integer" pdName: + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: + description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated." properties: directory: + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository." type: "string" repository: + description: "repository is the URL" type: "string" revision: + description: "revision is the commit hash for the specified revision." type: "string" required: - "repository" type: "object" glusterfs: + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container." properties: path: + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: + description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" type: "boolean" chapAuthSession: + description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\"." type: "string" initiatorName: + description: "initiatorName is the custom iSCSI Initiator Name." type: "string" iqn: + description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: + description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: + description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" targetPortal: + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -3901,68 +5101,94 @@ spec: - "targetPortal" type: "object" name: + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes." properties: claimName: + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" type: "object" photonPersistentDisk: + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: + description: "pdID is the ID that identifies Photon Controller persistent disk" type: "string" required: - "pdID" type: "object" portworxVolume: + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: + description: "volumeID uniquely identifies a Portworx volume" type: "string" required: - "volumeID" type: "object" projected: + description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" sources: + description: "sources is the list of volume projections" items: + description: "Projection that may be projected along with other supported volume types" properties: clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate." properties: labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\"." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty." items: type: "string" type: "array" @@ -3974,31 +5200,42 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs." type: "object" type: "object" x-kubernetes-map-type: "atomic" name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." type: "string" optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist." type: "boolean" path: + description: "Relative path from the volume root to write the bundle." type: "string" signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." type: "string" required: - "path" type: "object" configMap: + description: "configMap information about the configMap data to project" properties: items: + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value." items: + description: "Maps a string key to a path within a volume." properties: key: + description: "key is the key to project." type: "string" mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -4006,42 +5243,56 @@ spec: type: "object" type: "array" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" x-kubernetes-map-type: "atomic" downwardAPI: + description: "downwardAPI information about the downwardAPI data to project" properties: items: + description: "Items is a list of DownwardAPIVolume file" items: + description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: + description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" x-kubernetes-map-type: "atomic" mode: + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" path: + description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" @@ -4053,16 +5304,22 @@ spec: type: "array" type: "object" secret: + description: "secret information about the secret data to project" properties: items: + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value." items: + description: "Maps a string key to a path within a volume." properties: key: + description: "key is the key to project." type: "string" mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -4070,19 +5327,25 @@ spec: type: "object" type: "array" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" x-kubernetes-map-type: "atomic" serviceAccountToken: + description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token." type: "string" expirationSeconds: + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token." format: "int64" type: "integer" path: + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -4091,76 +5354,105 @@ spec: type: "array" type: "object" quobyte: + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: + description: "volume is a string that references an already created Quobyte volume by name." type: "string" required: - "registry" - "volume" type: "object" rbd: + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\"." type: "string" image: + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" - "monitors" type: "object" scaleIO: + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: + description: "gateway is the host address of the ScaleIO API Gateway." type: "string" protectionDomain: + description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" sslEnabled: + description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: + description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." type: "string" system: + description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -4168,19 +5460,26 @@ spec: - "system" type: "object" secret: + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" items: + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value." items: + description: "Maps a string key to a path within a volume." properties: key: + description: "key is the key to project." type: "string" mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511." format: "int32" type: "integer" path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -4188,36 +5487,50 @@ spec: type: "object" type: "array" optional: + description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeName: + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used." type: "string" type: "object" vsphereVolume: + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: + description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." type: "string" storagePolicyName: + description: "storagePolicyName is the storage Policy Based Management (SPBM) profile name." type: "string" volumePath: + description: "volumePath is the path that identifies vSphere volume vmdk" type: "string" required: - "volumePath" @@ -4229,33 +5542,42 @@ spec: x-kubernetes-list-type: "atomic" type: "object" status: + description: "OpenTelemetryCollectorStatus defines the observed state of OpenTelemetryCollector." properties: image: + description: "Image indicates the container image to use for the OpenTelemetry Collector." type: "string" messages: + description: "Messages about actions performed by the operator on this resource.\nDeprecated: use Kubernetes events instead." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" replicas: + description: "Replicas is currently not being set and might be removed in the next version.\nDeprecated: use \"OpenTelemetryCollector.Status.Scale.Replicas\" instead." format: "int32" type: "integer" scale: + description: "Scale is the OpenTelemetryCollector's scale subresource status." properties: replicas: + description: "The total number non-terminated pods targeted by this\nOpenTelemetryCollector's deployment or statefulSet." format: "int32" type: "integer" selector: + description: "The selector used to match the OpenTelemetryCollector's\ndeployment or statefulSet pods." type: "string" statusReplicas: + description: "StatusReplicas is the number of pods targeted by this OpenTelemetryCollector's with a Ready Condition /\nTotal number of non-terminated pods targeted by this OpenTelemetryCollector's (their labels matc" type: "string" type: "object" version: + description: "Version of the managed OpenTelemetry Collector (operand)" type: "string" type: "object" type: "object" served: true - storage: false + storage: true subresources: scale: labelSelectorPath: ".status.scale.selector" diff --git a/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgclusters.yaml b/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgclusters.yaml index 188d911fd..a674770aa 100644 --- a/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgclusters.yaml +++ b/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgclusters.yaml @@ -6729,6 +6729,18 @@ spec: x-kubernetes-list-map-keys: - "name" x-kubernetes-list-type: "map" + metadata: + description: "Metadata contains metadata for custom resources" + properties: + annotations: + additionalProperties: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + type: "object" openshift: description: "Whether or not the PostgreSQL cluster is being deployed to an OpenShift environment. If the field is unset, the operator will automatically detect the environment." type: "boolean" diff --git a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbbackups.yaml b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbbackups.yaml index 3da5d56c5..69041b530 100644 --- a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbbackups.yaml +++ b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbbackups.yaml @@ -97,6 +97,9 @@ spec: lastTransition: format: "date-time" type: "string" + latestRestorableTime: + format: "date-time" + type: "string" pbmName: type: "string" pbmPod: diff --git a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbrestores.yaml b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbrestores.yaml index 2e0953bad..2384e5409 100644 --- a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbrestores.yaml +++ b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbrestores.yaml @@ -67,6 +67,9 @@ spec: lastTransition: format: "date-time" type: "string" + latestRestorableTime: + format: "date-time" + type: "string" pbmName: type: "string" pbmPod: diff --git a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbs.yaml b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbs.yaml index 702a39643..23af1bf98 100644 --- a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbs.yaml +++ b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbs.yaml @@ -3040,6 +3040,9 @@ spec: items: type: "string" type: "array" + nodePort: + format: "int32" + type: "integer" serviceAnnotations: additionalProperties: type: "string" @@ -10230,6 +10233,9 @@ spec: items: type: "string" type: "array" + nodePort: + format: "int32" + type: "integer" serviceAnnotations: additionalProperties: type: "string" @@ -15306,6 +15312,9 @@ spec: items: type: "string" type: "array" + nodePort: + format: "int32" + type: "integer" serviceAnnotations: additionalProperties: type: "string" diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml index cfe7c7e03..4a162d3e6 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml @@ -1958,8 +1958,10 @@ spec: enableFeatures: description: "Enable access to Prometheus feature flags. By default, no features are enabled. \n Enabling features which are disabled by default is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. \n For more information see https://prometheus.io/docs/prometheus/latest/feature_flags/" items: + minLength: 1 type: "string" type: "array" + x-kubernetes-list-type: "set" enableRemoteWriteReceiver: description: "Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. \n WARNING: This is not considered an efficient way of ingesting samples. Use it with caution for specific low-volume use cases. It is not suitable for replacing the ingestion via scraping and turning Prometheus into a push-based metrics collection system. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver \n It requires Prometheus >= v2.33.0." type: "boolean" diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml index 8bc04294a..71a3606c6 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml @@ -1655,8 +1655,10 @@ spec: enableFeatures: description: "Enable access to Prometheus feature flags. By default, no features are enabled. \n Enabling features which are disabled by default is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. \n For more information see https://prometheus.io/docs/prometheus/latest/feature_flags/" items: + minLength: 1 type: "string" type: "array" + x-kubernetes-list-type: "set" enableRemoteWriteReceiver: description: "Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. \n WARNING: This is not considered an efficient way of ingesting samples. Use it with caution for specific low-volume use cases. It is not suitable for replacing the ingestion via scraping and turning Prometheus into a push-based metrics collection system. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver \n It requires Prometheus >= v2.33.0." type: "boolean" diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml index 433a0b718..3545c8bc1 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml @@ -761,31 +761,77 @@ spec: - "names" type: "object" type: "array" - ec2SDConfigs: - description: "EC2SDConfigs defines a list of EC2 service discovery configurations." + dockerSDConfigs: + description: "DockerSDConfigs defines a list of Docker service discovery configurations." items: - description: "EC2SDConfig allow retrieving scrape targets from AWS EC2 instances. The private IP address is used by default, but may be changed to the public IP address with relabeling. The IAM credentials used must have the ec2:DescribeInstances permission to discover scrape targets See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ec2_sd_config" + description: "Docker SD configurations allow retrieving scrape targets from Docker Engine hosts. This SD discovers \"containers\" and will create a target for each network IP and port the container is configured to expose. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#docker_sd_config" properties: - accessKey: - description: "AccessKey is the AWS API key." + authorization: + description: "Authorization header configuration to authenticate against the Docker API. Cannot be set at the same time as `oauth2`." properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + credentials: + description: "Selects a key of a Secret in the namespace that contains the credentials for authentication." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: + description: "Defines the authentication type. The value is case-insensitive. \n \"Basic\" is not a supported value. \n Default: \"Bearer\"" type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" type: "object" - x-kubernetes-map-type: "atomic" + basicAuth: + description: "BasicAuth information to use on every scrape request." + properties: + password: + description: "`password` specifies a key of a Secret containing the password for authentication." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + username: + description: "`username` specifies a key of a Secret containing the username for authentication." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + enableHTTP2: + description: "Whether to enable HTTP2." + type: "boolean" filters: - description: "Filters can be used optionally to filter the instance list by other criteria. Available filter criteria can be found here: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html" + description: "Optional filters to limit the discovery process to a subset of the available resources." items: - description: "EC2Filter is the configuration for filtering EC2 instances." + description: "DockerFilter is the configuration to limit the discovery process to a subset of available resources." properties: name: type: "string" @@ -798,97 +844,932 @@ spec: - "values" type: "object" type: "array" - port: - description: "The port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule." - type: "integer" - refreshInterval: - description: "RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list." - pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" + followRedirects: + description: "Configure whether HTTP requests follow HTTP 3xx redirects." + type: "boolean" + host: + description: "Address of the docker daemon" + minLength: 1 type: "string" - region: - description: "The AWS region" + hostNetworkingHost: + description: "The host to use if the container is in host networking mode." type: "string" - roleARN: - description: "AWS Role ARN, an alternative to using AWS API keys." + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. \n It requires Prometheus >= v2.43.0." type: "string" - secretKey: - description: "SecretKey is the AWS API secret." + oauth2: + description: "Optional OAuth 2.0 configuration. Cannot be set at the same time as `authorization`." properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + clientId: + description: "`clientId` specifies a key of a Secret or ConfigMap containing the OAuth2 client's ID." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + clientSecret: + description: "`clientSecret` specifies a key of a Secret containing the OAuth2 client's secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + endpointParams: + additionalProperties: + type: "string" + description: "`endpointParams` configures the HTTP parameters to append to the token URL." + type: "object" + scopes: + description: "`scopes` defines the OAuth2 scopes used for the token request." + items: + type: "string" + type: "array" + tokenUrl: + description: "`tokenURL` configures the URL to fetch the token from." + minLength: 1 type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" required: - - "key" + - "clientId" + - "clientSecret" + - "tokenUrl" type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "array" - enableCompression: - description: "When false, Prometheus will request uncompressed response from the scraped target. \n It requires Prometheus >= v2.49.0. \n If unset, Prometheus uses true by default." - type: "boolean" - fileSDConfigs: - description: "FileSDConfigs defines a list of file service discovery configurations." - items: - description: "FileSDConfig defines a Prometheus file service discovery configuration See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#file_sd_config" - properties: - files: - description: "List of files to be used for file discovery. Recommendation: use absolute paths. While relative paths work, the prometheus-operator project makes no guarantees about the working directory where the configuration file is stored. Files must be mounted using Prometheus.ConfigMaps or Prometheus.Secrets." - items: - description: "SDFile represents a file used for service discovery" - pattern: "^[^*]*(\\*[^/]*)?\\.(json|yml|yaml|JSON|YML|YAML)$" - type: "string" - minItems: 1 - type: "array" - refreshInterval: - description: "RefreshInterval configures the refresh interval at which Prometheus will reload the content of the files." - pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" - type: "string" - required: - - "files" - type: "object" - type: "array" - gceSDConfigs: - description: "GCESDConfigs defines a list of GCE service discovery configurations." - items: - description: "GCESDConfig configures scrape targets from GCP GCE instances. The private IP address is used by default, but may be changed to the public IP address with relabeling. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#gce_sd_config \n The GCE service discovery will load the Google Cloud credentials from the file specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable. See https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform \n A pre-requisite for using GCESDConfig is that a Secret containing valid Google Cloud credentials is mounted into the Prometheus or PrometheusAgent pod via the `.spec.secrets` field and that the GOOGLE_APPLICATION_CREDENTIALS environment variable is set to /etc/prometheus/secrets//." - properties: - filter: - description: "Filter can be used optionally to filter the instance list by other criteria Syntax of this filter is described in the filter query parameter section: https://cloud.google.com/compute/docs/reference/latest/instances/list" - type: "string" port: - description: "The port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule." + description: "The port to scrape metrics from." type: "integer" - project: - description: "The Google Cloud Project ID" - minLength: 1 + proxyConnectHeader: + additionalProperties: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + description: "ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. \n It requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). If unset, Prometheus uses its default value. \n It requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use. \n It requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" type: "string" refreshInterval: - description: "RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list." + description: "Time after which the container is refreshed." pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" - tagSeparator: - description: "The tag separator is used to separate the tags on concatenation" - type: "string" - zone: - description: "The zone of the scrape targets. If you need multiple zones use multiple GCESDConfigs." - minLength: 1 - type: "string" - required: - - "project" - - "zone" - type: "object" - type: "array" - honorLabels: - description: "HonorLabels chooses the metric's labels on collisions with target labels." - type: "boolean" - honorTimestamps: - description: "HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data." + tlsConfig: + description: "TLS configuration applying to the target HTTP endpoint." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" + required: + - "host" + type: "object" + type: "array" + ec2SDConfigs: + description: "EC2SDConfigs defines a list of EC2 service discovery configurations." + items: + description: "EC2SDConfig allow retrieving scrape targets from AWS EC2 instances. The private IP address is used by default, but may be changed to the public IP address with relabeling. The IAM credentials used must have the ec2:DescribeInstances permission to discover scrape targets See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ec2_sd_config" + properties: + accessKey: + description: "AccessKey is the AWS API key." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + filters: + description: "Filters can be used optionally to filter the instance list by other criteria. Available filter criteria can be found here: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html" + items: + description: "EC2Filter is the configuration for filtering EC2 instances." + properties: + name: + type: "string" + values: + items: + type: "string" + type: "array" + required: + - "name" + - "values" + type: "object" + type: "array" + port: + description: "The port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule." + type: "integer" + refreshInterval: + description: "RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list." + pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" + type: "string" + region: + description: "The AWS region" + type: "string" + roleARN: + description: "AWS Role ARN, an alternative to using AWS API keys." + type: "string" + secretKey: + description: "SecretKey is the AWS API secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "array" + enableCompression: + description: "When false, Prometheus will request uncompressed response from the scraped target. \n It requires Prometheus >= v2.49.0. \n If unset, Prometheus uses true by default." + type: "boolean" + eurekaSDConfigs: + description: "EurekaSDConfigs defines a list of Eureka service discovery configurations." + items: + description: "Eureka SD configurations allow retrieving scrape targets using the Eureka REST API. Prometheus will periodically check the REST endpoint and create a target for every app instance. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#eureka_sd_config" + properties: + authorization: + description: "Authorization header to use on every scrape request." + properties: + credentials: + description: "Selects a key of a Secret in the namespace that contains the credentials for authentication." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: + description: "Defines the authentication type. The value is case-insensitive. \n \"Basic\" is not a supported value. \n Default: \"Bearer\"" + type: "string" + type: "object" + basicAuth: + description: "BasicAuth information to use on every scrape request." + properties: + password: + description: "`password` specifies a key of a Secret containing the password for authentication." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + username: + description: "`username` specifies a key of a Secret containing the username for authentication." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + enableHTTP2: + description: "Whether to enable HTTP2." + type: "boolean" + followRedirects: + description: "Configure whether HTTP requests follow HTTP 3xx redirects." + type: "boolean" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. \n It requires Prometheus >= v2.43.0." + type: "string" + oauth2: + description: "Optional OAuth 2.0 configuration. Cannot be set at the same time as `authorization` or `basic_auth`." + properties: + clientId: + description: "`clientId` specifies a key of a Secret or ConfigMap containing the OAuth2 client's ID." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + clientSecret: + description: "`clientSecret` specifies a key of a Secret containing the OAuth2 client's secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + endpointParams: + additionalProperties: + type: "string" + description: "`endpointParams` configures the HTTP parameters to append to the token URL." + type: "object" + scopes: + description: "`scopes` defines the OAuth2 scopes used for the token request." + items: + type: "string" + type: "array" + tokenUrl: + description: "`tokenURL` configures the URL to fetch the token from." + minLength: 1 + type: "string" + required: + - "clientId" + - "clientSecret" + - "tokenUrl" + type: "object" + proxyConnectHeader: + additionalProperties: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + description: "ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. \n It requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). If unset, Prometheus uses its default value. \n It requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use. \n It requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" + refreshInterval: + description: "Refresh interval to re-read the instance list." + pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" + type: "string" + server: + description: "The URL to connect to the Eureka server." + minLength: 1 + type: "string" + tlsConfig: + description: "TLS configuration applying to the target HTTP endpoint." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" + required: + - "server" + type: "object" + type: "array" + fileSDConfigs: + description: "FileSDConfigs defines a list of file service discovery configurations." + items: + description: "FileSDConfig defines a Prometheus file service discovery configuration See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#file_sd_config" + properties: + files: + description: "List of files to be used for file discovery. Recommendation: use absolute paths. While relative paths work, the prometheus-operator project makes no guarantees about the working directory where the configuration file is stored. Files must be mounted using Prometheus.ConfigMaps or Prometheus.Secrets." + items: + description: "SDFile represents a file used for service discovery" + pattern: "^[^*]*(\\*[^/]*)?\\.(json|yml|yaml|JSON|YML|YAML)$" + type: "string" + minItems: 1 + type: "array" + refreshInterval: + description: "RefreshInterval configures the refresh interval at which Prometheus will reload the content of the files." + pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" + type: "string" + required: + - "files" + type: "object" + type: "array" + gceSDConfigs: + description: "GCESDConfigs defines a list of GCE service discovery configurations." + items: + description: "GCESDConfig configures scrape targets from GCP GCE instances. The private IP address is used by default, but may be changed to the public IP address with relabeling. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#gce_sd_config \n The GCE service discovery will load the Google Cloud credentials from the file specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable. See https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform \n A pre-requisite for using GCESDConfig is that a Secret containing valid Google Cloud credentials is mounted into the Prometheus or PrometheusAgent pod via the `.spec.secrets` field and that the GOOGLE_APPLICATION_CREDENTIALS environment variable is set to /etc/prometheus/secrets//." + properties: + filter: + description: "Filter can be used optionally to filter the instance list by other criteria Syntax of this filter is described in the filter query parameter section: https://cloud.google.com/compute/docs/reference/latest/instances/list" + type: "string" + port: + description: "The port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule." + type: "integer" + project: + description: "The Google Cloud Project ID" + minLength: 1 + type: "string" + refreshInterval: + description: "RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list." + pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" + type: "string" + tagSeparator: + description: "The tag separator is used to separate the tags on concatenation" + type: "string" + zone: + description: "The zone of the scrape targets. If you need multiple zones use multiple GCESDConfigs." + minLength: 1 + type: "string" + required: + - "project" + - "zone" + type: "object" + type: "array" + hetznerSDConfigs: + description: "HetznerSDConfigs defines a list of Hetzner service discovery configurations." + items: + description: "HetznerSDConfig allow retrieving scrape targets from Hetzner Cloud API and Robot API. This service discovery uses the public IPv4 address by default, but that can be changed with relabeling See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#hetzner_sd_config" + properties: + authorization: + description: "Authorization header configuration, required when role is hcloud. Role robot does not support bearer token authentication." + properties: + credentials: + description: "Selects a key of a Secret in the namespace that contains the credentials for authentication." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: + description: "Defines the authentication type. The value is case-insensitive. \n \"Basic\" is not a supported value. \n Default: \"Bearer\"" + type: "string" + type: "object" + basicAuth: + description: "BasicAuth information to use on every scrape request, required when role is robot. Role hcloud does not support basic auth." + properties: + password: + description: "`password` specifies a key of a Secret containing the password for authentication." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + username: + description: "`username` specifies a key of a Secret containing the username for authentication." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + enableHTTP2: + description: "Whether to enable HTTP2." + type: "boolean" + followRedirects: + description: "Configure whether HTTP requests follow HTTP 3xx redirects." + type: "boolean" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. \n It requires Prometheus >= v2.43.0." + type: "string" + oauth2: + description: "Optional OAuth 2.0 configuration. Cannot be used at the same time as `basic_auth` or `authorization`." + properties: + clientId: + description: "`clientId` specifies a key of a Secret or ConfigMap containing the OAuth2 client's ID." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + clientSecret: + description: "`clientSecret` specifies a key of a Secret containing the OAuth2 client's secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + endpointParams: + additionalProperties: + type: "string" + description: "`endpointParams` configures the HTTP parameters to append to the token URL." + type: "object" + scopes: + description: "`scopes` defines the OAuth2 scopes used for the token request." + items: + type: "string" + type: "array" + tokenUrl: + description: "`tokenURL` configures the URL to fetch the token from." + minLength: 1 + type: "string" + required: + - "clientId" + - "clientSecret" + - "tokenUrl" + type: "object" + port: + description: "The port to scrape metrics from." + type: "integer" + proxyConnectHeader: + additionalProperties: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + description: "ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. \n It requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). If unset, Prometheus uses its default value. \n It requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use. \n It requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" + refreshInterval: + description: "The time after which the servers are refreshed." + pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" + type: "string" + role: + description: "The Hetzner role of entities that should be discovered." + enum: + - "hcloud" + - "Hcloud" + - "robot" + - "Robot" + type: "string" + tlsConfig: + description: "TLS configuration to use on every scrape request." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" + required: + - "role" + type: "object" + type: "array" + honorLabels: + description: "HonorLabels chooses the metric's labels on collisions with target labels." + type: "boolean" + honorTimestamps: + description: "HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data." type: "boolean" httpSDConfigs: description: "HTTPSDConfigs defines a list of HTTP service discovery configurations." @@ -896,7 +1777,226 @@ spec: description: "HTTPSDConfig defines a prometheus HTTP service discovery configuration See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#http_sd_config" properties: authorization: - description: "Authorization header configuration to authenticate against the target HTTP endpoint." + description: "Authorization header configuration to authenticate against the target HTTP endpoint." + properties: + credentials: + description: "Selects a key of a Secret in the namespace that contains the credentials for authentication." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: + description: "Defines the authentication type. The value is case-insensitive. \n \"Basic\" is not a supported value. \n Default: \"Bearer\"" + type: "string" + type: "object" + basicAuth: + description: "BasicAuth information to authenticate against the target HTTP endpoint. More info: https://prometheus.io/docs/operating/configuration/#endpoints" + properties: + password: + description: "`password` specifies a key of a Secret containing the password for authentication." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + username: + description: "`username` specifies a key of a Secret containing the username for authentication." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. \n It requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + description: "ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. \n It requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). If unset, Prometheus uses its default value. \n It requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use. \n It requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" + refreshInterval: + description: "RefreshInterval configures the refresh interval at which Prometheus will re-query the endpoint to update the target list." + pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" + type: "string" + tlsConfig: + description: "TLS configuration applying to the target HTTP endpoint." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" + url: + description: "URL from which the targets are fetched." + minLength: 1 + pattern: "^http(s)?://.+$" + type: "string" + required: + - "url" + type: "object" + type: "array" + keepDroppedTargets: + description: "Per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. \n It requires Prometheus >= v2.47.0." + format: "int64" + type: "integer" + kubernetesSDConfigs: + description: "KubernetesSDConfigs defines a list of Kubernetes service discovery configurations." + items: + description: "KubernetesSDConfig allows retrieving scrape targets from Kubernetes' REST API. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config" + properties: + apiServer: + description: "The API server address consisting of a hostname or IP address followed by an optional port number. If left empty, Prometheus is assumed to run inside of the cluster. It will discover API servers automatically and use the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/." + type: "string" + attachMetadata: + description: "Optional metadata to attach to discovered targets. It requires Prometheus >= v2.35.0 for `pod` role and Prometheus >= v2.37.0 for `endpoints` and `endpointslice` roles." + properties: + node: + description: "Attaches node metadata to discovered targets. When set to true, Prometheus must have the `get` permission on the `Nodes` objects. Only valid for Pod, Endpoint and Endpointslice roles." + type: "boolean" + type: "object" + authorization: + description: "Authorization header to use on every scrape request. Cannot be set at the same time as `basicAuth`, or `oauth2`." properties: credentials: description: "Selects a key of a Secret in the namespace that contains the credentials for authentication." @@ -919,7 +2019,7 @@ spec: type: "string" type: "object" basicAuth: - description: "BasicAuth information to authenticate against the target HTTP endpoint. More info: https://prometheus.io/docs/operating/configuration/#endpoints" + description: "BasicAuth information to use on every scrape request. Cannot be set at the same time as `authorization`, or `oauth2`." properties: password: description: "`password` specifies a key of a Secret containing the password for authentication." @@ -954,9 +2054,101 @@ spec: type: "object" x-kubernetes-map-type: "atomic" type: "object" + enableHTTP2: + description: "Whether to enable HTTP2." + type: "boolean" + followRedirects: + description: "Configure whether HTTP requests follow HTTP 3xx redirects." + type: "boolean" + namespaces: + description: "Optional namespace discovery. If omitted, Prometheus discovers targets across all namespaces." + properties: + names: + description: "List of namespaces where to watch for resources. If empty and `ownNamespace` isn't true, Prometheus watches for resources in all namespaces." + items: + type: "string" + type: "array" + ownNamespace: + description: "Includes the namespace in which the Prometheus pod exists to the list of watched namesapces." + type: "boolean" + type: "object" noProxy: description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. \n It requires Prometheus >= v2.43.0." type: "string" + oauth2: + description: "Optional OAuth 2.0 configuration. Cannot be set at the same time as `authorization`, or `basicAuth`." + properties: + clientId: + description: "`clientId` specifies a key of a Secret or ConfigMap containing the OAuth2 client's ID." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + clientSecret: + description: "`clientSecret` specifies a key of a Secret containing the OAuth2 client's secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + endpointParams: + additionalProperties: + type: "string" + description: "`endpointParams` configures the HTTP parameters to append to the token URL." + type: "object" + scopes: + description: "`scopes` defines the OAuth2 scopes used for the token request." + items: + type: "string" + type: "array" + tokenUrl: + description: "`tokenURL` configures the URL to fetch the token from." + minLength: 1 + type: "string" + required: + - "clientId" + - "clientSecret" + - "tokenUrl" + type: "object" proxyConnectHeader: additionalProperties: description: "SecretKeySelector selects a key of a Secret." @@ -984,12 +2176,56 @@ spec: description: "`proxyURL` defines the HTTP proxy server to use. \n It requires Prometheus >= v2.43.0." pattern: "^http(s)?://.+$" type: "string" - refreshInterval: - description: "RefreshInterval configures the refresh interval at which Prometheus will re-query the endpoint to update the target list." - pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" + role: + description: "Role of the Kubernetes entities that should be discovered." + enum: + - "Node" + - "node" + - "Service" + - "service" + - "Pod" + - "pod" + - "Endpoints" + - "endpoints" + - "EndpointSlice" + - "endpointslice" + - "Ingress" + - "ingress" type: "string" + selectors: + description: "Selector to select objects." + items: + description: "K8SSelectorConfig is Kubernetes Selector Config" + properties: + field: + type: "string" + label: + type: "string" + role: + description: "Role is role of the service in Kubernetes." + enum: + - "Node" + - "node" + - "Service" + - "service" + - "Pod" + - "pod" + - "Endpoints" + - "endpoints" + - "EndpointSlice" + - "endpointslice" + - "Ingress" + - "ingress" + type: "string" + required: + - "role" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "role" + x-kubernetes-list-type: "map" tlsConfig: - description: "TLS configuration applying to the target HTTP endpoint." + description: "TLS configuration to use on every scrape request." properties: ca: description: "Certificate authority used when verifying server certificates." @@ -1086,36 +2322,17 @@ spec: description: "Used to verify the hostname for the targets." type: "string" type: "object" - url: - description: "URL from which the targets are fetched." - minLength: 1 - pattern: "^http(s)?://.+$" - type: "string" required: - - "url" + - "role" type: "object" type: "array" - keepDroppedTargets: - description: "Per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. \n It requires Prometheus >= v2.47.0." - format: "int64" - type: "integer" - kubernetesSDConfigs: - description: "KubernetesSDConfigs defines a list of Kubernetes service discovery configurations." + kumaSDConfigs: + description: "KumaSDConfigs defines a list of Kuma service discovery configurations." items: - description: "KubernetesSDConfig allows retrieving scrape targets from Kubernetes' REST API. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config" + description: "KumaSDConfig allow retrieving scrape targets from Kuma's control plane. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kuma_sd_config" properties: - apiServer: - description: "The API server address consisting of a hostname or IP address followed by an optional port number. If left empty, Prometheus is assumed to run inside of the cluster. It will discover API servers automatically and use the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/." - type: "string" - attachMetadata: - description: "Optional metadata to attach to discovered targets. It requires Prometheus >= v2.35.0 for `pod` role and Prometheus >= v2.37.0 for `endpoints` and `endpointslice` roles." - properties: - node: - description: "Attaches node metadata to discovered targets. When set to true, Prometheus must have the `get` permission on the `Nodes` objects. Only valid for Pod, Endpoint and Endpointslice roles." - type: "boolean" - type: "object" authorization: - description: "Authorization header to use on every scrape request. Cannot be set at the same time as `basicAuth`, or `oauth2`." + description: "Authorization header to use on every scrape request." properties: credentials: description: "Selects a key of a Secret in the namespace that contains the credentials for authentication." @@ -1138,7 +2355,7 @@ spec: type: "string" type: "object" basicAuth: - description: "BasicAuth information to use on every scrape request. Cannot be set at the same time as `authorization`, or `oauth2`." + description: "BasicAuth information to use on every scrape request." properties: password: description: "`password` specifies a key of a Secret containing the password for authentication." @@ -1173,24 +2390,19 @@ spec: type: "object" x-kubernetes-map-type: "atomic" type: "object" + clientID: + description: "Client id is used by Kuma Control Plane to compute Monitoring Assignment for specific Prometheus backend." + type: "string" enableHTTP2: description: "Whether to enable HTTP2." type: "boolean" + fetchTimeout: + description: "The time after which the monitoring assignments are refreshed." + pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" + type: "string" followRedirects: description: "Configure whether HTTP requests follow HTTP 3xx redirects." type: "boolean" - namespaces: - description: "Optional namespace discovery. If omitted, Prometheus discovers targets across all namespaces." - properties: - names: - description: "List of namespaces where to watch for resources. If empty and `ownNamespace` isn't true, Prometheus watches for resources in all namespaces." - items: - type: "string" - type: "array" - ownNamespace: - description: "Includes the namespace in which the Prometheus pod exists to the list of watched namesapces." - type: "boolean" - type: "object" noProxy: description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. \n It requires Prometheus >= v2.43.0." type: "string" @@ -1295,56 +2507,16 @@ spec: description: "`proxyURL` defines the HTTP proxy server to use. \n It requires Prometheus >= v2.43.0." pattern: "^http(s)?://.+$" type: "string" - role: - description: "Role of the Kubernetes entities that should be discovered." - enum: - - "Node" - - "node" - - "Service" - - "service" - - "Pod" - - "pod" - - "Endpoints" - - "endpoints" - - "EndpointSlice" - - "endpointslice" - - "Ingress" - - "ingress" + refreshInterval: + description: "The time to wait between polling update requests." + pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" + type: "string" + server: + description: "Address of the Kuma Control Plane's MADS xDS server." + minLength: 1 type: "string" - selectors: - description: "Selector to select objects." - items: - description: "K8SSelectorConfig is Kubernetes Selector Config" - properties: - field: - type: "string" - label: - type: "string" - role: - description: "Role is role of the service in Kubernetes." - enum: - - "Node" - - "node" - - "Service" - - "service" - - "Pod" - - "pod" - - "Endpoints" - - "endpoints" - - "EndpointSlice" - - "endpointslice" - - "Ingress" - - "ingress" - type: "string" - required: - - "role" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "role" - x-kubernetes-list-type: "map" tlsConfig: - description: "TLS configuration to use on every scrape request." + description: "TLS configuration to use on every scrape request" properties: ca: description: "Certificate authority used when verifying server certificates." @@ -1442,7 +2614,7 @@ spec: type: "string" type: "object" required: - - "role" + - "server" type: "object" type: "array" labelLimit: diff --git a/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml b/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml index 26bcadbd5..e9cf52e17 100644 --- a/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml +++ b/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml @@ -22,6 +22,9 @@ spec: - jsonPath: ".status.jobDeploymentStatus" name: "deployment status" type: "string" + - jsonPath: ".status.rayClusterName" + name: "ray cluster name" + type: "string" - jsonPath: ".status.startTime" name: "start time" type: "string" diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephblockpools.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephblockpools.yaml index 4b42b26d1..0f802a246 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephblockpools.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephblockpools.yaml @@ -17,6 +17,27 @@ spec: - jsonPath: ".status.phase" name: "Phase" type: "string" + - jsonPath: ".status.info.type" + name: "Type" + type: "string" + - jsonPath: ".status.info.failureDomain" + name: "FailureDomain" + type: "string" + - jsonPath: ".spec.replicated.size" + name: "Replication" + priority: 1 + type: "integer" + - jsonPath: ".spec.erasureCoded.codingChunks" + name: "EC-CodingChunks" + priority: 1 + type: "integer" + - jsonPath: ".spec.erasureCoded.dataChunks" + name: "EC-DataChunks" + priority: 1 + type: "integer" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" name: "v1" schema: openAPIV3Schema: diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephbuckettopics.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephbuckettopics.yaml index fe7b15898..f850d999a 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephbuckettopics.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephbuckettopics.yaml @@ -17,6 +17,9 @@ spec: - jsonPath: ".status.phase" name: "Phase" type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" name: "v1" schema: openAPIV3Schema: diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephclients.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephclients.yaml index 344dd4a66..282a2856f 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephclients.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephclients.yaml @@ -17,6 +17,9 @@ spec: - jsonPath: ".status.phase" name: "Phase" type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" name: "v1" schema: openAPIV3Schema: diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystemmirrors.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystemmirrors.yaml index e2b21b055..daaa48874 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystemmirrors.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystemmirrors.yaml @@ -17,6 +17,9 @@ spec: - jsonPath: ".status.phase" name: "Phase" type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" name: "v1" schema: openAPIV3Schema: diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystemsubvolumegroups.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystemsubvolumegroups.yaml index 0aa3e85d1..2ab55ecb7 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystemsubvolumegroups.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystemsubvolumegroups.yaml @@ -17,6 +17,9 @@ spec: - jsonPath: ".status.phase" name: "Phase" type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" name: "v1" schema: openAPIV3Schema: diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml index 85b3f6ad4..3f4ec5082 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml @@ -17,6 +17,15 @@ spec: - jsonPath: ".status.phase" name: "Phase" type: "string" + - jsonPath: ".status.info.endpoint" + name: "Endpoint" + type: "string" + - jsonPath: ".status.info.secureEndpoint" + name: "SecureEndpoint" + type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" name: "v1" schema: openAPIV3Schema: @@ -236,7 +245,7 @@ spec: description: "The DNS-addressable Hostname of this endpoint. This field will be preferred over IP if both are given." type: "string" ip: - description: "The IP of this endpoint. As a legacy behavior, this supports being given a DNS-adressable hostname as well." + description: "The IP of this endpoint. As a legacy behavior, this supports being given a DNS-addressable hostname as well." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstoreusers.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstoreusers.yaml index 26a5cae0e..d9321c35d 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstoreusers.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstoreusers.yaml @@ -20,6 +20,9 @@ spec: - jsonPath: ".status.phase" name: "Phase" type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" name: "v1" schema: openAPIV3Schema: diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectzonegroups.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectzonegroups.yaml index 60c85fb44..37063d0b4 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectzonegroups.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectzonegroups.yaml @@ -17,6 +17,9 @@ spec: - jsonPath: ".status.phase" name: "Phase" type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" name: "v1" schema: openAPIV3Schema: diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectzones.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectzones.yaml index 0affe0d17..52f396d46 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectzones.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectzones.yaml @@ -17,6 +17,9 @@ spec: - jsonPath: ".status.phase" name: "Phase" type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" name: "v1" schema: openAPIV3Schema: diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephrbdmirrors.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephrbdmirrors.yaml index 0114f04fa..90453c36d 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephrbdmirrors.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephrbdmirrors.yaml @@ -17,6 +17,9 @@ spec: - jsonPath: ".status.phase" name: "Phase" type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" name: "v1" schema: openAPIV3Schema: diff --git a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routeoptions.yaml b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routeoptions.yaml index 5e9ddbe95..464ad80d3 100644 --- a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routeoptions.yaml +++ b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routeoptions.yaml @@ -2265,6 +2265,18 @@ spec: type: "array" type: "object" type: "object" + targetRef: + properties: + group: + type: "string" + kind: + type: "string" + name: + type: "string" + namespace: + nullable: true + type: "string" + type: "object" type: "object" status: default: {} diff --git a/crd-catalog/vmware-tanzu/velero/velero.io/v1/restores.yaml b/crd-catalog/vmware-tanzu/velero/velero.io/v1/restores.yaml index de6bbfe35..61baccf79 100644 --- a/crd-catalog/vmware-tanzu/velero/velero.io/v1/restores.yaml +++ b/crd-catalog/vmware-tanzu/velero/velero.io/v1/restores.yaml @@ -320,8 +320,6 @@ spec: nullable: true type: "boolean" type: "object" - required: - - "backupName" type: "object" status: description: "RestoreStatus captures the current status of a Velero restore" diff --git a/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobflows.yaml b/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobflows.yaml index 9f72626d2..35c0d6da3 100644 --- a/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobflows.yaml +++ b/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobflows.yaml @@ -25,23 +25,17 @@ spec: name: "v1alpha1" schema: openAPIV3Schema: - description: "JobFlow is the Schema for the jobflows API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "JobFlowSpec defines the desired state of JobFlow" properties: flows: - description: "Foo is an example field of JobFlow. Edit jobflow_types.go to remove/update" items: - description: "Flow defines the dependent of jobs" properties: dependsOn: properties: @@ -51,13 +45,10 @@ spec: items: properties: httpHeader: - description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: - description: "The header field value" type: "string" required: - "name" @@ -107,7 +98,6 @@ spec: type: "string" type: "object" status: - description: "JobFlowStatus defines the observed state of JobFlow" properties: completedJobs: items: @@ -120,19 +110,16 @@ spec: format: "date-time" type: "string" phase: - description: "JobPhase defines the phase of the job." type: "string" runningDuration: type: "string" taskStatusCount: additionalProperties: - description: "TaskState contains details for the current state of the task." properties: phase: additionalProperties: format: "int32" type: "integer" - description: "The phase of Task." type: "object" type: "object" type: "object" @@ -163,7 +150,6 @@ spec: format: "date-time" type: "string" state: - description: "JobPhase defines the phase of the job." type: "string" type: "object" type: "array" @@ -171,7 +157,6 @@ spec: format: "date-time" type: "string" state: - description: "JobPhase defines the phase of the job." type: "string" type: "object" type: "array" diff --git a/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobtemplates.yaml b/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobtemplates.yaml index 4e7d94fe9..a419e9d24 100644 --- a/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobtemplates.yaml +++ b/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobtemplates.yaml @@ -18,29 +18,22 @@ spec: - name: "v1alpha1" schema: openAPIV3Schema: - description: "JobTemplate is the Schema for the jobtemplates API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "JobSpec describes how the job execution will look like and when it will actually run." properties: maxRetry: - description: "Specifies the maximum number of retries before marking this Job failed. Defaults to 3." format: "int32" type: "integer" minAvailable: - description: "The minimal available pods to run for this Job Defaults to the summary of tasks' replicas" format: "int32" type: "integer" minSuccess: - description: "The minimal success pods to run for this Job" format: "int32" minimum: 1.0 type: "integer" @@ -49,109 +42,77 @@ spec: items: type: "string" type: "array" - description: "Specifies the plugin of job Key is plugin name, value is the arguments of the plugin" type: "object" policies: - description: "Specifies the default lifecycle of tasks" items: - description: "LifecyclePolicy specifies the lifecycle and error handling of task and job." properties: action: - description: "The action that will be taken to the PodGroup according to Event. One of \"Restart\", \"None\". Default to None." type: "string" event: - description: "The Event recorded by scheduler; the controller takes actions according to this Event." type: "string" events: - description: "The Events recorded by scheduler; the controller takes actions according to this Events." items: - description: "Event represent the phase of Job, e.g. pod-failed." type: "string" type: "array" exitCode: - description: "The exit code of the pod container, controller will take action according to this code. Note: only one of `Event` or `ExitCode` can be specified." format: "int32" type: "integer" timeout: - description: "Timeout is the grace period for controller to take actions. Default to nil (take action immediately)." type: "string" type: "object" type: "array" priorityClassName: - description: "If specified, indicates the job's priority." type: "string" queue: - description: "Specifies the queue that will be used in the scheduler, \"default\" queue is used this leaves empty." type: "string" runningEstimate: - description: "Running Estimate is a user running duration estimate for the job Default to nil" type: "string" schedulerName: - description: "SchedulerName is the default value of `tasks.template.spec.schedulerName`." type: "string" tasks: - description: "Tasks specifies the task specification of Job" items: - description: "TaskSpec specifies the task specification of Job." properties: dependsOn: - description: "Specifies the tasks that this task depends on." properties: iteration: - description: "This field specifies that when there are multiple dependent tasks, as long as one task becomes the specified state, the task scheduling is triggered or all tasks must be changed to the specified state to trigger the task scheduling" type: "string" name: - description: "Indicates the name of the tasks that this task depends on, which can depend on multiple tasks" items: type: "string" type: "array" type: "object" maxRetry: - description: "Specifies the maximum number of retries before marking this Task failed. Defaults to 3." format: "int32" type: "integer" minAvailable: - description: "The minimal available pods to run for this Task Defaults to the task replicas" format: "int32" type: "integer" name: - description: "Name specifies the name of tasks" type: "string" policies: - description: "Specifies the lifecycle of task" items: - description: "LifecyclePolicy specifies the lifecycle and error handling of task and job." properties: action: - description: "The action that will be taken to the PodGroup according to Event. One of \"Restart\", \"None\". Default to None." type: "string" event: - description: "The Event recorded by scheduler; the controller takes actions according to this Event." type: "string" events: - description: "The Events recorded by scheduler; the controller takes actions according to this Events." items: - description: "Event represent the phase of Job, e.g. pod-failed." type: "string" type: "array" exitCode: - description: "The exit code of the pod container, controller will take action according to this code. Note: only one of `Event` or `ExitCode` can be specified." format: "int32" type: "integer" timeout: - description: "Timeout is the grace period for controller to take actions. Default to nil (take action immediately)." type: "string" type: "object" type: "array" replicas: - description: "Replicas specifies the replicas of this TaskSpec in Job" format: "int32" type: "integer" template: - description: "Specifies the pod that will be created for this TaskSpec when executing a Job" properties: metadata: - description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" properties: annotations: additionalProperties: @@ -171,39 +132,27 @@ spec: type: "string" type: "object" spec: - description: "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" properties: activeDeadlineSeconds: - description: "Optional duration in seconds the pod may be active on the node relative to StartTime before the system will actively try to mark it failed and kill associated containers. Value must be a positive integer." format: "int64" type: "integer" affinity: - description: "If specified, the pod's scheduling constraints" properties: nodeAffinity: - description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: - description: "A node selector term, associated with the corresponding weight." properties: matchExpressions: - description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." properties: key: - description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -213,18 +162,13 @@ spec: type: "object" type: "array" matchFields: - description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." properties: key: - description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -235,7 +179,6 @@ spec: type: "array" type: "object" weight: - description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" type: "integer" required: @@ -244,26 +187,18 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: - description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: - description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." properties: key: - description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -273,18 +208,13 @@ spec: type: "object" type: "array" matchFields: - description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." properties: key: - description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -300,32 +230,22 @@ spec: type: "object" type: "object" podAffinity: - description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." items: - description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: podAffinityTerm: - description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." properties: key: - description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -337,37 +257,28 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." properties: key: - description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -379,22 +290,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." format: "int32" type: "integer" required: @@ -403,26 +310,18 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." properties: key: - description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -434,37 +333,28 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." properties: key: - description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -476,16 +366,13 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -493,32 +380,22 @@ spec: type: "array" type: "object" podAntiAffinity: - description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." items: - description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: podAffinityTerm: - description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." properties: key: - description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -530,37 +407,28 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." properties: key: - description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -572,22 +440,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." format: "int32" type: "integer" required: @@ -596,26 +460,18 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." properties: key: - description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -627,37 +483,28 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." properties: matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." properties: key: - description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -669,16 +516,13 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -687,94 +531,69 @@ spec: type: "object" type: "object" automountServiceAccountToken: - description: "AutomountServiceAccountToken indicates whether a service account token should be automatically mounted." type: "boolean" containers: - description: "List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated." items: - description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." items: - description: "EnvVar represents an environment variable present in a Container." properties: name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." type: "string" valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: - description: "Selects a key of a ConfigMap." properties: key: - description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: - description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: - description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: - description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: - description: "Required: resource to select" type: "string" required: - "resource" type: "object" secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" properties: key: - description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: - description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -785,72 +604,51 @@ spec: type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." items: - description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: - description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: - description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" prefix: - description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: - description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: - description: "Specify whether the Secret must be defined" type: "boolean" type: "object" type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." type: "string" httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: - description: "The header field value" type: "string" required: - "name" @@ -858,74 +656,57 @@ spec: type: "object" type: "array" path: - description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." type: "string" required: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." properties: seconds: - description: "Seconds is the number of seconds to sleep." format: "int64" type: "integer" required: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." properties: host: - description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." type: "string" httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: - description: "The header field value" type: "string" required: - "name" @@ -933,41 +714,33 @@ spec: type: "object" type: "array" path: - description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." type: "string" required: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." properties: seconds: - description: "Seconds is the number of seconds to sleep." format: "int64" type: "integer" required: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." properties: host: - description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -975,50 +748,37 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." properties: port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." type: "string" httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: - description: "The header field value" type: "string" required: - "name" @@ -1026,81 +786,62 @@ spec: type: "object" type: "array" path: - description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." properties: host: - description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." items: - description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: - description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." type: "string" required: - "containerPort" @@ -1111,50 +852,37 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." properties: port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." type: "string" httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: - description: "The header field value" type: "string" required: - "name" @@ -1162,66 +890,51 @@ spec: type: "object" type: "array" path: - description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." properties: host: - description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" resizePolicy: - description: "Resources resize policy for the container." items: - description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -1230,15 +943,11 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." type: "string" required: - "name" @@ -1254,7 +963,6 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1263,144 +971,103 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." properties: add: - description: "Added capabilities" items: - description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: - description: "Removed capabilities" items: - description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." properties: level: - description: "Level is SELinux level label that applies to the container." type: "string" role: - description: "Role is a SELinux role label that applies to the container." type: "string" type: - description: "Type is a SELinux type label that applies to the container." type: "string" user: - description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: - description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." properties: port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." type: "string" httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: - description: "The header field value" type: "string" required: - "name" @@ -1408,81 +1075,61 @@ spec: type: "object" type: "array" path: - description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." properties: host: - description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." type: "boolean" volumeDevices: - description: "volumeDevices is the list of block devices to be used by the container." items: - description: "volumeDevice describes a mapping of a raw block device within a container." properties: devicePath: - description: "devicePath is the path inside of the container that the device will be mapped to." type: "string" name: - description: "name must match the name of a persistentVolumeClaim in the pod" type: "string" required: - "devicePath" @@ -1490,27 +1137,19 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." items: - description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." type: "string" name: - description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -1518,130 +1157,97 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." type: "string" required: - "name" type: "object" type: "array" dnsConfig: - description: "Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy." properties: nameservers: - description: "A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. Duplicated nameservers will be removed." items: type: "string" type: "array" options: - description: "A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy." items: - description: "PodDNSConfigOption defines DNS resolver options of a pod." properties: name: - description: "Required." type: "string" value: type: "string" type: "object" type: "array" searches: - description: "A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. Duplicated search paths will be removed." items: type: "string" type: "array" type: "object" dnsPolicy: - description: "Set DNS policy for the pod. Defaults to \"ClusterFirst\". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'." type: "string" enableServiceLinks: - description: "EnableServiceLinks indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Optional: Defaults to true." type: "boolean" ephemeralContainers: - description: "List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing pod to perform user-initiated actions such as debugging. This list cannot be specified when creating a pod, and it cannot be modified by updating the pod spec. In order to add an ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource." items: - description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for user-initiated activities such as debugging. Ephemeral containers have no resource or scheduling guarantees, and they will not be restarted when they exit or when a Pod is removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the Pod to exceed its resource allocation. \n To add an ephemeral container, use the ephemeralcontainers subresource of an existing Pod. Ephemeral containers may not be removed or restarted." properties: args: - description: "Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." items: - description: "EnvVar represents an environment variable present in a Container." properties: name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." type: "string" valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: - description: "Selects a key of a ConfigMap." properties: key: - description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: - description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: - description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: - description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: - description: "Required: resource to select" type: "string" required: - "resource" type: "object" secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" properties: key: - description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: - description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -1652,72 +1258,51 @@ spec: type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." items: - description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: - description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: - description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" prefix: - description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: - description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: - description: "Specify whether the Secret must be defined" type: "boolean" type: "object" type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images" type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Lifecycle is not allowed for ephemeral containers." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." type: "string" httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: - description: "The header field value" type: "string" required: - "name" @@ -1725,74 +1310,57 @@ spec: type: "object" type: "array" path: - description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." type: "string" required: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." properties: seconds: - description: "Seconds is the number of seconds to sleep." format: "int64" type: "integer" required: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." properties: host: - description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." type: "string" httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: - description: "The header field value" type: "string" required: - "name" @@ -1800,41 +1368,33 @@ spec: type: "object" type: "array" path: - description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." type: "string" required: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." properties: seconds: - description: "Seconds is the number of seconds to sleep." format: "int64" type: "integer" required: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." properties: host: - description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -1842,50 +1402,37 @@ spec: type: "object" type: "object" livenessProbe: - description: "Probes are not allowed for ephemeral containers." properties: exec: - description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." properties: port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." type: "string" httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: - description: "The header field value" type: "string" required: - "name" @@ -1893,81 +1440,62 @@ spec: type: "object" type: "array" path: - description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." properties: host: - description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the ephemeral container specified as a DNS_LABEL. This name must be unique among all containers, init containers and ephemeral containers." type: "string" ports: - description: "Ports are not allowed for ephemeral containers." items: - description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: - description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." type: "string" required: - "containerPort" @@ -1978,50 +1506,37 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Probes are not allowed for ephemeral containers." properties: exec: - description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." properties: port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." type: "string" httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: - description: "The header field value" type: "string" required: - "name" @@ -2029,66 +1544,51 @@ spec: type: "object" type: "array" path: - description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." properties: host: - description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" resizePolicy: - description: "Resources resize policy for the container." items: - description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -2097,15 +1597,11 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." type: "string" required: - "name" @@ -2121,7 +1617,6 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2130,144 +1625,103 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers." type: "string" securityContext: - description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext." properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." properties: add: - description: "Added capabilities" items: - description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: - description: "Removed capabilities" items: - description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." properties: level: - description: "Level is SELinux level label that applies to the container." type: "string" role: - description: "Role is a SELinux role label that applies to the container." type: "string" type: - description: "Type is a SELinux type label that applies to the container." type: "string" user: - description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: - description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "Probes are not allowed for ephemeral containers." properties: exec: - description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." properties: port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." type: "string" httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: - description: "The header field value" type: "string" required: - "name" @@ -2275,84 +1729,63 @@ spec: type: "object" type: "array" path: - description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." properties: host: - description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" type: "boolean" targetContainerName: - description: "If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec. \n The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined." type: "string" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." type: "boolean" volumeDevices: - description: "volumeDevices is the list of block devices to be used by the container." items: - description: "volumeDevice describes a mapping of a raw block device within a container." properties: devicePath: - description: "devicePath is the path inside of the container that the device will be mapped to." type: "string" name: - description: "name must match the name of a persistentVolumeClaim in the pod" type: "string" required: - "devicePath" @@ -2360,27 +1793,19 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. Cannot be updated." items: - description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." type: "string" name: - description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -2388,138 +1813,101 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." type: "string" required: - "name" type: "object" type: "array" hostAliases: - description: "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods." items: - description: "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file." properties: hostnames: - description: "Hostnames for the above IP address." items: type: "string" type: "array" ip: - description: "IP address of the host file entry." type: "string" type: "object" type: "array" hostIPC: - description: "Use the host's ipc namespace. Optional: Default to false." type: "boolean" hostNetwork: - description: "Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false." type: "boolean" hostPID: - description: "Use the host's pid namespace. Optional: Default to false." type: "boolean" hostUsers: - description: "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature." type: "boolean" hostname: - description: "Specifies the hostname of the Pod If not specified, the pod's hostname will be set to a system-defined value." type: "string" imagePullSecrets: - description: "ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod" items: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" type: "array" initContainers: - description: "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/" items: - description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." items: - description: "EnvVar represents an environment variable present in a Container." properties: name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." type: "string" valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: - description: "Selects a key of a ConfigMap." properties: key: - description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: - description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: - description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: - description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: - description: "Required: resource to select" type: "string" required: - "resource" type: "object" secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" properties: key: - description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: - description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" @@ -2530,72 +1918,51 @@ spec: type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." items: - description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: - description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: - description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" prefix: - description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: - description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: - description: "Specify whether the Secret must be defined" type: "boolean" type: "object" type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." type: "string" httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: - description: "The header field value" type: "string" required: - "name" @@ -2603,74 +1970,57 @@ spec: type: "object" type: "array" path: - description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." type: "string" required: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." properties: seconds: - description: "Seconds is the number of seconds to sleep." format: "int64" type: "integer" required: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." properties: host: - description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." type: "string" httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: - description: "The header field value" type: "string" required: - "name" @@ -2678,41 +2028,33 @@ spec: type: "object" type: "array" path: - description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." type: "string" required: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." properties: seconds: - description: "Seconds is the number of seconds to sleep." format: "int64" type: "integer" required: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." properties: host: - description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -2720,50 +2062,37 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." properties: port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." type: "string" httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: - description: "The header field value" type: "string" required: - "name" @@ -2771,81 +2100,62 @@ spec: type: "object" type: "array" path: - description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." properties: host: - description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." items: - description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: - description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." type: "string" required: - "containerPort" @@ -2856,50 +2166,37 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." properties: port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." type: "string" httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: - description: "The header field value" type: "string" required: - "name" @@ -2907,66 +2204,51 @@ spec: type: "object" type: "array" path: - description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." properties: host: - description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" resizePolicy: - description: "Resources resize policy for the container." items: - description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -2975,15 +2257,11 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." type: "string" required: - "name" @@ -2999,7 +2277,6 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3008,144 +2285,103 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." properties: add: - description: "Added capabilities" items: - description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: - description: "Removed capabilities" items: - description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." properties: level: - description: "Level is SELinux level label that applies to the container." type: "string" role: - description: "Role is a SELinux role label that applies to the container." type: "string" type: - description: "Type is a SELinux type label that applies to the container." type: "string" user: - description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: - description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." properties: port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." type: "string" httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: - description: "The header field value" type: "string" required: - "name" @@ -3153,81 +2389,61 @@ spec: type: "object" type: "array" path: - description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." properties: host: - description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." type: "boolean" volumeDevices: - description: "volumeDevices is the list of block devices to be used by the container." items: - description: "volumeDevice describes a mapping of a raw block device within a container." properties: devicePath: - description: "devicePath is the path inside of the container that the device will be mapped to." type: "string" name: - description: "name must match the name of a persistentVolumeClaim in the pod" type: "string" required: - "devicePath" @@ -3235,27 +2451,19 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." items: - description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." type: "string" name: - description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -3263,26 +2471,21 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." type: "string" required: - "name" type: "object" type: "array" nodeName: - description: "NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements." type: "string" nodeSelector: additionalProperties: type: "string" - description: "NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" type: "object" x-kubernetes-map-type: "atomic" os: - description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set. \n If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions \n If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup" properties: name: - description: "Name is the name of the operating system. The currently supported values are linux and windows. Additional value may be defined in future and can be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration Clients should expect to handle additional values and treat unrecognized values in this field as os: null" type: "string" required: - "name" @@ -3294,46 +2497,33 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. This field will be autopopulated at admission time by the RuntimeClass admission controller. If the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. The RuntimeClass admission controller will reject Pod create requests which have the overhead already set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md" type: "object" preemptionPolicy: - description: "PreemptionPolicy is the Policy for preempting pods with lower priority. One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset." type: "string" priority: - description: "The priority value. Various system components use this field to find the priority of the pod. When Priority Admission Controller is enabled, it prevents users from setting this field. The admission controller populates this field from PriorityClassName. The higher the value, the higher the priority." format: "int32" type: "integer" priorityClassName: - description: "If specified, indicates the pod's priority. \"system-node-critical\" and \"system-cluster-critical\" are two special keywords which indicate the highest priorities with the former being the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority will be default or zero if there is no default." type: "string" readinessGates: - description: "If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to \"True\" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates" items: - description: "PodReadinessGate contains the reference to a pod condition" properties: conditionType: - description: "ConditionType refers to a condition in the pod's condition list with matching type." type: "string" required: - "conditionType" type: "object" type: "array" resourceClaims: - description: "ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable." items: - description: "PodResourceClaim references exactly one ResourceClaim through a ClaimSource. It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name." properties: name: - description: "Name uniquely identifies this resource claim inside the pod. This must be a DNS_LABEL." type: "string" source: - description: "Source describes where to find the ResourceClaim." properties: resourceClaimName: - description: "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod." type: "string" resourceClaimTemplateName: - description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim." type: "string" type: "object" required: @@ -3344,21 +2534,15 @@ spec: - "name" x-kubernetes-list-type: "map" restartPolicy: - description: "Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy" type: "string" runtimeClassName: - description: "RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the \"legacy\" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class" type: "string" schedulerName: - description: "If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler." type: "string" schedulingGates: - description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. \n SchedulingGates can only be set at pod creation time, and be removed only afterwards. \n This is a beta feature enabled by the PodSchedulingReadiness feature gate." items: - description: "PodSchedulingGate is associated to a Pod to guard its scheduling." properties: name: - description: "Name of the scheduling gate. Each scheduling gate must have a unique name field." type: "string" required: - "name" @@ -3368,70 +2552,51 @@ spec: - "name" x-kubernetes-list-type: "map" securityContext: - description: "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field." properties: fsGroup: - description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: - description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows." type: "string" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." properties: level: - description: "Level is SELinux level label that applies to the container." type: "string" role: - description: "Role is a SELinux role label that applies to the container." type: "string" type: - description: "Type is a SELinux type label that applies to the container." type: "string" user: - description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" sysctls: - description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows." items: - description: "Sysctl defines a kernel parameter to be set" properties: name: - description: "Name of a property to set" type: "string" value: - description: "Value of a property to set" type: "string" required: - "name" @@ -3439,85 +2604,59 @@ spec: type: "object" type: "array" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: - description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" serviceAccount: - description: "DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead." type: "string" serviceAccountName: - description: "ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/" type: "string" setHostnameAsFQDN: - description: "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Services\\\\Tcpip\\\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false." type: "boolean" shareProcessNamespace: - description: "Share a single process namespace between all of the containers in a pod. When this is set containers will be able to view and signal processes from other containers in the same pod, and the first process in each container will not be assigned PID 1. HostPID and ShareProcessNamespace cannot both be set. Optional: Default to false." type: "boolean" subdomain: - description: "If specified, the fully qualified Pod hostname will be \"...svc.\". If not specified, the pod will not have a domainname at all." type: "string" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). If this value is nil, the default grace period will be used instead. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. Defaults to 30 seconds." format: "int64" type: "integer" tolerations: - description: "If specified, the pod's tolerations." items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" topologySpreadConstraints: - description: "TopologySpreadConstraints describes how a group of pods ought to spread across topology domains. Scheduler will schedule pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed." items: - description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." properties: matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." properties: key: - description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -3529,34 +2668,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." type: "string" required: - "maxSkew" @@ -3569,143 +2700,104 @@ spec: - "whenUnsatisfiable" x-kubernetes-list-type: "map" volumes: - description: "List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes" items: - description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." format: "int32" type: "integer" readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." properties: cachingMode: - description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." type: "string" diskName: - description: "diskName is the Name of the data disk in the blob storage" type: "string" diskURI: - description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: - description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: - description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." type: "boolean" secretName: - description: "secretName is the name of secret that contains Azure Storage Account Name and Key" type: "string" shareName: - description: "shareName is the azure share Name" type: "string" required: - "secretName" - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" path: - description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" user: - description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" volumeID: - description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" type: "object" configMap: - description: "configMap represents a configMap that should populate this volume" properties: defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." items: - description: "Maps a string key to a path within a volume." properties: key: - description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." type: "string" required: - "key" @@ -3713,85 +2805,63 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: - description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: - description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster." type: "string" fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply." type: "string" nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" readOnly: - description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values." type: "object" required: - "driver" type: "object" downwardAPI: - description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "Items is a list of downward API volume file" items: - description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." properties: apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: - description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: - description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: - description: "Required: resource to select" type: "string" required: - "resource" @@ -3802,27 +2872,21 @@ spec: type: "array" type: "object" emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: - description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." properties: metadata: - description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation." properties: annotations: additionalProperties: @@ -3842,50 +2906,38 @@ spec: type: "string" type: "object" spec: - description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here." properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." type: "string" kind: - description: "Kind is the type of resource being referenced" type: "string" name: - description: "Name is the name of resource being referenced" type: "string" required: - "kind" - "name" type: "object" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." type: "string" kind: - description: "Kind is the type of resource being referenced" type: "string" name: - description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: limits: additionalProperties: @@ -3894,7 +2946,6 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3903,25 +2954,18 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: - description: "selector is a label query over volumes to consider for binding." properties: matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." properties: key: - description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -3933,20 +2977,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." type: "string" volumeName: - description: "volumeName is the binding reference to the PersistentVolume backing this claim." type: "string" type: "object" required: @@ -3954,170 +2993,125 @@ spec: type: "object" type: "object" fc: - description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" lun: - description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: - description: "targetWWNs is Optional: FC target worldwide names (WWNs)" items: type: "string" type: "array" wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin." properties: driver: - description: "driver is the name of the driver to use for this volume." type: "string" fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: type: "string" - description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" required: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated" type: "string" datasetUUID: - description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" format: "int32" type: "integer" pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container." properties: directory: - description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name." type: "string" repository: - description: "repository is the URL" type: "string" revision: - description: "revision is the commit hash for the specified revision." type: "string" required: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: - description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write." properties: path: - description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: - description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: - description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" type: "boolean" chapAuthSession: - description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection." type: "string" iqn: - description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)." type: "string" lun: - description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false." type: "boolean" secretRef: - description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -4125,94 +3119,68 @@ spec: - "targetPortal" type: "object" name: - description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: - description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: - description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false." type: "boolean" required: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: - description: "pdID is the ID that identifies Photon Controller persistent disk" type: "string" required: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: - description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." type: "boolean" volumeID: - description: "volumeID uniquely identifies a Portworx volume" type: "string" required: - "volumeID" type: "object" projected: - description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" sources: - description: "sources is the list of volume projections" items: - description: "Projection that may be projected along with other supported volume types" properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. \n Alpha, gated by the ClusterTrustBundleProjection feature gate. \n ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. \n Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time." properties: labelSelector: - description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\"." properties: matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." properties: key: - description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -4224,41 +3192,30 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" name: - description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector." type: "string" optional: - description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles." type: "boolean" path: - description: "Relative path from the volume root to write the bundle." type: "string" signerName: - description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated." type: "string" required: - "path" type: "object" configMap: - description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." items: - description: "Maps a string key to a path within a volume." properties: key: - description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." type: "string" required: - "key" @@ -4266,54 +3223,40 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: - description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" downwardAPI: - description: "downwardAPI information about the downwardAPI data to project" properties: items: - description: "Items is a list of DownwardAPIVolume file" items: - description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." properties: apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: - description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: - description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: - description: "Required: resource to select" type: "string" required: - "resource" @@ -4324,22 +3267,16 @@ spec: type: "array" type: "object" secret: - description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." items: - description: "Maps a string key to a path within a volume." properties: key: - description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." type: "string" required: - "key" @@ -4347,24 +3284,18 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: - description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" serviceAccountToken: - description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." type: "string" required: - "path" @@ -4373,103 +3304,74 @@ spec: type: "array" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: - description: "group to map volume access to Default is no group" type: "string" readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false." type: "boolean" registry: - description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes" type: "string" tenant: - description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: - description: "user to map volume access to Defaults to serivceaccount user" type: "string" volume: - description: "volume is a string that references an already created Quobyte volume by name." type: "string" required: - "registry" - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" image: - description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: - description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: - description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: - description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" user: - description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"." type: "string" gateway: - description: "gateway is the host address of the ScaleIO API Gateway." type: "string" protectionDomain: - description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" sslEnabled: - description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned." type: "string" storagePool: - description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." type: "string" system: - description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source." type: "string" required: - "gateway" @@ -4477,26 +3379,19 @@ spec: - "system" type: "object" secret: - description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." items: - description: "Maps a string key to a path within a volume." properties: key: - description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." type: "string" required: - "key" @@ -4504,49 +3399,35 @@ spec: type: "object" type: "array" optional: - description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: - description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace." type: "string" volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created." type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: - description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." type: "string" storagePolicyName: - description: "storagePolicyName is the storage Policy Based Management (SPBM) profile name." type: "string" volumePath: - description: "volumePath is the path that identifies vSphere volume vmdk" type: "string" required: - "volumePath" @@ -4560,67 +3441,50 @@ spec: type: "object" type: "object" topologyPolicy: - description: "Specifies the topology policy of task" type: "string" type: "object" type: "array" ttlSecondsAfterFinished: - description: "ttlSecondsAfterFinished limits the lifetime of a Job that has finished execution (either Completed or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. If this field is unset, the Job won't be automatically deleted. If this field is set to zero, the Job becomes eligible to be deleted immediately after it finishes." format: "int32" type: "integer" volumes: - description: "The volumes mount on Job" items: - description: "VolumeSpec defines the specification of Volume, e.g. PVC." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." type: "string" volumeClaim: - description: "VolumeClaim defines the PVC used by the VolumeMount." properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." type: "string" kind: - description: "Kind is the type of resource being referenced" type: "string" name: - description: "Name is the name of resource being referenced" type: "string" required: - "kind" - "name" type: "object" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." type: "string" kind: - description: "Kind is the type of resource being referenced" type: "string" name: - description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: limits: additionalProperties: @@ -4629,7 +3493,6 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -4638,25 +3501,18 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: - description: "selector is a label query over volumes to consider for binding." properties: matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." properties: key: - description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -4668,24 +3524,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." type: "string" volumeName: - description: "volumeName is the binding reference to the PersistentVolume backing this claim." type: "string" type: "object" volumeClaimName: - description: "defined the PVC name" type: "string" required: - "mountPath" @@ -4693,10 +3543,8 @@ spec: type: "array" type: "object" status: - description: "JobTemplateStatus defines the observed state of JobTemplate" properties: jobDependsOnList: - description: "Describes the Jobs generated from the JobTemplate" items: type: "string" type: "array" diff --git a/crd-catalog/volcano-sh/volcano/scheduling.volcano.sh/v1beta1/queues.yaml b/crd-catalog/volcano-sh/volcano/scheduling.volcano.sh/v1beta1/queues.yaml index e22e8767f..45296792b 100644 --- a/crd-catalog/volcano-sh/volcano/scheduling.volcano.sh/v1beta1/queues.yaml +++ b/crd-catalog/volcano-sh/volcano/scheduling.volcano.sh/v1beta1/queues.yaml @@ -103,6 +103,9 @@ spec: description: "The amount of cluster resource reserved for queue. Just set either `percentage` or `resource`" type: "object" type: "object" + parent: + description: "Parent define the parent of queue" + type: "string" reclaimable: description: "Reclaimable indicate whether the queue can be reclaimed by other queue" type: "boolean" diff --git a/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apimanagers.rs b/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apimanagers.rs index 8636dd1eb..de891b884 100644 --- a/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apimanagers.rs +++ b/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apimanagers.rs @@ -263,9 +263,15 @@ pub struct APIManagerApicastProductionSpecAffinityPodAffinityPreferredDuringSche /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -277,7 +283,7 @@ pub struct APIManagerApicastProductionSpecAffinityPodAffinityPreferredDuringSche pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -326,9 +332,15 @@ pub struct APIManagerApicastProductionSpecAffinityPodAffinityPreferredDuringSche /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -340,7 +352,7 @@ pub struct APIManagerApicastProductionSpecAffinityPodAffinityRequiredDuringSched pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -410,9 +422,15 @@ pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityPreferredDuring /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -424,7 +442,7 @@ pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityPreferredDuring pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -473,9 +491,15 @@ pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityPreferredDuring /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -487,7 +511,7 @@ pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityRequiredDuringS pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -937,9 +961,15 @@ pub struct APIManagerApicastStagingSpecAffinityPodAffinityPreferredDuringSchedul /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -951,7 +981,7 @@ pub struct APIManagerApicastStagingSpecAffinityPodAffinityPreferredDuringSchedul pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1000,9 +1030,15 @@ pub struct APIManagerApicastStagingSpecAffinityPodAffinityPreferredDuringSchedul /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -1014,7 +1050,7 @@ pub struct APIManagerApicastStagingSpecAffinityPodAffinityRequiredDuringScheduli pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1084,9 +1120,15 @@ pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityPreferredDuringSch /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -1098,7 +1140,7 @@ pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityPreferredDuringSch pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1147,9 +1189,15 @@ pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityPreferredDuringSch /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -1161,7 +1209,7 @@ pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityRequiredDuringSche pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1605,9 +1653,15 @@ pub struct APIManagerBackendCronSpecAffinityPodAffinityPreferredDuringScheduling /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -1619,7 +1673,7 @@ pub struct APIManagerBackendCronSpecAffinityPodAffinityPreferredDuringScheduling pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1668,9 +1722,15 @@ pub struct APIManagerBackendCronSpecAffinityPodAffinityPreferredDuringScheduling /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -1682,7 +1742,7 @@ pub struct APIManagerBackendCronSpecAffinityPodAffinityRequiredDuringSchedulingI pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1752,9 +1812,15 @@ pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityPreferredDuringSchedu /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -1766,7 +1832,7 @@ pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityPreferredDuringSchedu pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1815,9 +1881,15 @@ pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityPreferredDuringSchedu /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -1829,7 +1901,7 @@ pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityRequiredDuringSchedul pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2136,9 +2208,15 @@ pub struct APIManagerBackendListenerSpecAffinityPodAffinityPreferredDuringSchedu /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -2150,7 +2228,7 @@ pub struct APIManagerBackendListenerSpecAffinityPodAffinityPreferredDuringSchedu pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2199,9 +2277,15 @@ pub struct APIManagerBackendListenerSpecAffinityPodAffinityPreferredDuringSchedu /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -2213,7 +2297,7 @@ pub struct APIManagerBackendListenerSpecAffinityPodAffinityRequiredDuringSchedul pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2283,9 +2367,15 @@ pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityPreferredDuringSc /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -2297,7 +2387,7 @@ pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityPreferredDuringSc pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2346,9 +2436,15 @@ pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityPreferredDuringSc /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -2360,7 +2456,7 @@ pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityRequiredDuringSch pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2642,9 +2738,15 @@ pub struct APIManagerBackendRedisAffinityPodAffinityPreferredDuringSchedulingIgn /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -2656,7 +2758,7 @@ pub struct APIManagerBackendRedisAffinityPodAffinityPreferredDuringSchedulingIgn pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2705,9 +2807,15 @@ pub struct APIManagerBackendRedisAffinityPodAffinityPreferredDuringSchedulingIgn /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -2719,7 +2827,7 @@ pub struct APIManagerBackendRedisAffinityPodAffinityRequiredDuringSchedulingIgno pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2789,9 +2897,15 @@ pub struct APIManagerBackendRedisAffinityPodAntiAffinityPreferredDuringSchedulin /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -2803,7 +2917,7 @@ pub struct APIManagerBackendRedisAffinityPodAntiAffinityPreferredDuringSchedulin pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2852,9 +2966,15 @@ pub struct APIManagerBackendRedisAffinityPodAntiAffinityPreferredDuringSchedulin /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -2866,7 +2986,7 @@ pub struct APIManagerBackendRedisAffinityPodAntiAffinityRequiredDuringScheduling pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -3179,9 +3299,15 @@ pub struct APIManagerBackendWorkerSpecAffinityPodAffinityPreferredDuringScheduli /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -3193,7 +3319,7 @@ pub struct APIManagerBackendWorkerSpecAffinityPodAffinityPreferredDuringScheduli pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -3242,9 +3368,15 @@ pub struct APIManagerBackendWorkerSpecAffinityPodAffinityPreferredDuringScheduli /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -3256,7 +3388,7 @@ pub struct APIManagerBackendWorkerSpecAffinityPodAffinityRequiredDuringSchedulin pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -3326,9 +3458,15 @@ pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityPreferredDuringSche /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -3340,7 +3478,7 @@ pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityPreferredDuringSche pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -3389,9 +3527,15 @@ pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityPreferredDuringSche /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -3403,7 +3547,7 @@ pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityRequiredDuringSched pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -3830,9 +3974,15 @@ pub struct APIManagerSystemAppSpecAffinityPodAffinityPreferredDuringSchedulingIg /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -3844,7 +3994,7 @@ pub struct APIManagerSystemAppSpecAffinityPodAffinityPreferredDuringSchedulingIg pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -3893,9 +4043,15 @@ pub struct APIManagerSystemAppSpecAffinityPodAffinityPreferredDuringSchedulingIg /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -3907,7 +4063,7 @@ pub struct APIManagerSystemAppSpecAffinityPodAffinityRequiredDuringSchedulingIgn pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -3977,9 +4133,15 @@ pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityPreferredDuringScheduli /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -3991,7 +4153,7 @@ pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityPreferredDuringScheduli pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -4040,9 +4202,15 @@ pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityPreferredDuringScheduli /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -4054,7 +4222,7 @@ pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityRequiredDuringSchedulin pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -4416,9 +4584,15 @@ pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityPreferredDuringSchedu /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -4430,7 +4604,7 @@ pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityPreferredDuringSchedu pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -4479,9 +4653,15 @@ pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityPreferredDuringSchedu /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -4493,7 +4673,7 @@ pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityRequiredDuringSchedul pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -4563,9 +4743,15 @@ pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityPreferredDuringSc /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -4577,7 +4763,7 @@ pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityPreferredDuringSc pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -4626,9 +4812,15 @@ pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityPreferredDuringSc /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -4640,7 +4832,7 @@ pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityRequiredDuringSch pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -4965,9 +5157,15 @@ pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityPreferredDuringS /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -4979,7 +5177,7 @@ pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityPreferredDuringS pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -5028,9 +5226,15 @@ pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityPreferredDuringS /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -5042,7 +5246,7 @@ pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityRequiredDuringSc pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -5112,9 +5316,15 @@ pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityPreferredDur /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -5126,7 +5336,7 @@ pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityPreferredDur pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -5175,9 +5385,15 @@ pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityPreferredDur /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -5189,7 +5405,7 @@ pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityRequiredDuri pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -5573,9 +5789,15 @@ pub struct APIManagerSystemMemcachedAffinityPodAffinityPreferredDuringScheduling /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -5587,7 +5809,7 @@ pub struct APIManagerSystemMemcachedAffinityPodAffinityPreferredDuringScheduling pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -5636,9 +5858,15 @@ pub struct APIManagerSystemMemcachedAffinityPodAffinityPreferredDuringScheduling /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -5650,7 +5878,7 @@ pub struct APIManagerSystemMemcachedAffinityPodAffinityRequiredDuringSchedulingI pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -5720,9 +5948,15 @@ pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityPreferredDuringSchedu /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -5734,7 +5968,7 @@ pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityPreferredDuringSchedu pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -5783,9 +6017,15 @@ pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityPreferredDuringSchedu /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -5797,7 +6037,7 @@ pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityRequiredDuringSchedul pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -6079,9 +6319,15 @@ pub struct APIManagerSystemRedisAffinityPodAffinityPreferredDuringSchedulingIgno /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -6093,7 +6339,7 @@ pub struct APIManagerSystemRedisAffinityPodAffinityPreferredDuringSchedulingIgno pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -6142,9 +6388,15 @@ pub struct APIManagerSystemRedisAffinityPodAffinityPreferredDuringSchedulingIgno /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -6156,7 +6408,7 @@ pub struct APIManagerSystemRedisAffinityPodAffinityRequiredDuringSchedulingIgnor pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -6226,9 +6478,15 @@ pub struct APIManagerSystemRedisAffinityPodAntiAffinityPreferredDuringScheduling /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -6240,7 +6498,7 @@ pub struct APIManagerSystemRedisAffinityPodAntiAffinityPreferredDuringScheduling pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -6289,9 +6547,15 @@ pub struct APIManagerSystemRedisAffinityPodAntiAffinityPreferredDuringScheduling /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -6303,7 +6567,7 @@ pub struct APIManagerSystemRedisAffinityPodAntiAffinityRequiredDuringSchedulingI pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -6615,9 +6879,15 @@ pub struct APIManagerSystemSearchdSpecAffinityPodAffinityPreferredDuringScheduli /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -6629,7 +6899,7 @@ pub struct APIManagerSystemSearchdSpecAffinityPodAffinityPreferredDuringScheduli pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -6678,9 +6948,15 @@ pub struct APIManagerSystemSearchdSpecAffinityPodAffinityPreferredDuringScheduli /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -6692,7 +6968,7 @@ pub struct APIManagerSystemSearchdSpecAffinityPodAffinityRequiredDuringSchedulin pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -6762,9 +7038,15 @@ pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityPreferredDuringSche /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -6776,7 +7058,7 @@ pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityPreferredDuringSche pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -6825,9 +7107,15 @@ pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityPreferredDuringSche /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -6839,7 +7127,7 @@ pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityRequiredDuringSched pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -7162,9 +7450,15 @@ pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityPreferredDuringScheduli /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -7176,7 +7470,7 @@ pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityPreferredDuringScheduli pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -7225,9 +7519,15 @@ pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityPreferredDuringScheduli /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -7239,7 +7539,7 @@ pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityRequiredDuringSchedulin pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -7309,9 +7609,15 @@ pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityPreferredDuringSche /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -7323,7 +7629,7 @@ pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityPreferredDuringSche pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -7372,9 +7678,15 @@ pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityPreferredDuringSche /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -7386,7 +7698,7 @@ pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityRequiredDuringSched pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -7685,9 +7997,15 @@ pub struct APIManagerSystemSphinxSpecAffinityPodAffinityPreferredDuringSchedulin /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -7699,7 +8017,7 @@ pub struct APIManagerSystemSphinxSpecAffinityPodAffinityPreferredDuringSchedulin pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -7748,9 +8066,15 @@ pub struct APIManagerSystemSphinxSpecAffinityPodAffinityPreferredDuringSchedulin /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -7762,7 +8086,7 @@ pub struct APIManagerSystemSphinxSpecAffinityPodAffinityRequiredDuringScheduling pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -7832,9 +8156,15 @@ pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityPreferredDuringSched /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -7846,7 +8176,7 @@ pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityPreferredDuringSched pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -7895,9 +8225,15 @@ pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityPreferredDuringSched /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -7909,7 +8245,7 @@ pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityRequiredDuringSchedu pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -8241,9 +8577,15 @@ pub struct APIManagerZyncAppSpecAffinityPodAffinityPreferredDuringSchedulingIgno /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -8255,7 +8597,7 @@ pub struct APIManagerZyncAppSpecAffinityPodAffinityPreferredDuringSchedulingIgno pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -8304,9 +8646,15 @@ pub struct APIManagerZyncAppSpecAffinityPodAffinityPreferredDuringSchedulingIgno /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -8318,7 +8666,7 @@ pub struct APIManagerZyncAppSpecAffinityPodAffinityRequiredDuringSchedulingIgnor pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -8388,9 +8736,15 @@ pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityPreferredDuringScheduling /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -8402,7 +8756,7 @@ pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityPreferredDuringScheduling pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -8451,9 +8805,15 @@ pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityPreferredDuringScheduling /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -8465,7 +8825,7 @@ pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityRequiredDuringSchedulingI pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -8747,9 +9107,15 @@ pub struct APIManagerZyncDatabaseAffinityPodAffinityPreferredDuringSchedulingIgn /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -8761,7 +9127,7 @@ pub struct APIManagerZyncDatabaseAffinityPodAffinityPreferredDuringSchedulingIgn pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -8810,9 +9176,15 @@ pub struct APIManagerZyncDatabaseAffinityPodAffinityPreferredDuringSchedulingIgn /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -8824,7 +9196,7 @@ pub struct APIManagerZyncDatabaseAffinityPodAffinityRequiredDuringSchedulingIgno pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -8894,9 +9266,15 @@ pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityPreferredDuringSchedulin /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -8908,7 +9286,7 @@ pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityPreferredDuringSchedulin pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -8957,9 +9335,15 @@ pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityPreferredDuringSchedulin /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -8971,7 +9355,7 @@ pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityRequiredDuringScheduling pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -9275,9 +9659,15 @@ pub struct APIManagerZyncQueSpecAffinityPodAffinityPreferredDuringSchedulingIgno /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -9289,7 +9679,7 @@ pub struct APIManagerZyncQueSpecAffinityPodAffinityPreferredDuringSchedulingIgno pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -9338,9 +9728,15 @@ pub struct APIManagerZyncQueSpecAffinityPodAffinityPreferredDuringSchedulingIgno /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -9352,7 +9748,7 @@ pub struct APIManagerZyncQueSpecAffinityPodAffinityRequiredDuringSchedulingIgnor pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -9422,9 +9818,15 @@ pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityPreferredDuringScheduling /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -9436,7 +9838,7 @@ pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityPreferredDuringScheduling pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -9485,9 +9887,15 @@ pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityPreferredDuringScheduling /// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. + /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, @@ -9499,7 +9907,7 @@ pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityRequiredDuringSchedulingI pub topology_key: String, } -/// A label query over a set of resources, in this case pods. +/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/mod.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/mod.rs index 32a5a9d4f..87218411e 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/mod.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/mod.rs @@ -1 +1,2 @@ pub mod v1alpha1; +pub mod v1beta1; diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/configconstraints.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/configconstraints.rs index 064226023..197c4f109 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/configconstraints.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/configconstraints.rs @@ -14,14 +14,14 @@ use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; #[kube(status = "ConfigConstraintStatus")] #[kube(schema = "disabled")] pub struct ConfigConstraintSpec { - /// Top level key used to get the cue rules to validate the config file. It must exist in 'ConfigSchema' TODO (refactored to ConfigSchemaTopLevelKey) + /// Top level key used to get the cue rules to validate the config file. It must exist in 'ConfigSchema' #[serde(default, skip_serializing_if = "Option::is_none", rename = "cfgSchemaTopLevelName")] pub cfg_schema_top_level_name: Option, - /// List constraints rules for each config parameters. TODO (refactored to ConfigSchema) + /// List constraints rules for each config parameters. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configurationSchema")] pub configuration_schema: Option, /// A set of actions for regenerating local configs. - /// It works when: - different engine roles have different config, such as redis primary & secondary - after a role switch, the local config will be regenerated with the help of DownwardActions TODO (refactored to DownwardActions) + /// It works when: - different engine roles have different config, such as redis primary & secondary - after a role switch, the local config will be regenerated with the help of DownwardActions #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPIOptions")] pub downward_api_options: Option>, /// Indicates the dynamic reload action and restart action can be merged to a restart action. @@ -40,30 +40,30 @@ pub struct ConfigConstraintSpec { /// Describes parameters that are prohibited to do any modifications. #[serde(default, skip_serializing_if = "Option::is_none", rename = "immutableParameters")] pub immutable_parameters: Option>, - /// Specifies the dynamic reload actions supported by the engine. If set, the controller call the scripts defined in the actions for a dynamic parameter upgrade. The actions are called only when the modified parameter is defined in dynamicParameters part && DynamicReloadActions != nil TODO (refactored to DynamicReloadActions) + /// Specifies the dynamic reload actions supported by the engine. If set, the controller call the scripts defined in the actions for a dynamic parameter upgrade. The actions are called only when the modified parameter is defined in dynamicParameters part && ReloadOptions != nil #[serde(default, skip_serializing_if = "Option::is_none", rename = "reloadOptions")] pub reload_options: Option, /// A list of ScriptConfig used by the actions defined in dynamic reload and downward actions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scriptConfigs")] pub script_configs: Option>, - /// Used to match labels on the pod to do a dynamic reload TODO (refactored to DynamicReloadSelector) + /// Used to match labels on the pod to do a dynamic reload #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, /// A list of StaticParameter. Modifications of static parameters trigger a process restart. #[serde(default, skip_serializing_if = "Option::is_none", rename = "staticParameters")] pub static_parameters: Option>, - /// Tools used by the dynamic reload actions. Usually it is referenced by the 'init container' for 'cp' it to a binary volume. TODO (refactored to ReloadToolsImage) + /// Tools used by the dynamic reload actions. Usually it is referenced by the 'init container' for 'cp' it to a binary volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "toolsImageSpec")] pub tools_image_spec: Option, } -/// List constraints rules for each config parameters. TODO (refactored to ConfigSchema) +/// List constraints rules for each config parameters. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintConfigurationSchema { /// Enables providers to verify user configurations using the CUE language. #[serde(default, skip_serializing_if = "Option::is_none")] pub cue: Option, - /// Transforms the schema from CUE to json for further OpenAPI validation TODO (refactored to SchemaInJson) + /// Transforms the schema from CUE to json for further OpenAPI validation #[serde(default, skip_serializing_if = "Option::is_none")] pub schema: Option>, } @@ -175,7 +175,7 @@ pub struct ConfigConstraintFormatterConfigIniConfig { pub section_name: Option, } -/// Specifies the dynamic reload actions supported by the engine. If set, the controller call the scripts defined in the actions for a dynamic parameter upgrade. The actions are called only when the modified parameter is defined in dynamicParameters part && DynamicReloadActions != nil TODO (refactored to DynamicReloadActions) +/// Specifies the dynamic reload actions supported by the engine. If set, the controller call the scripts defined in the actions for a dynamic parameter upgrade. The actions are called only when the modified parameter is defined in dynamicParameters part && ReloadOptions != nil #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintReloadOptions { /// Used to automatically perform the reload command when conditions are met. @@ -205,7 +205,7 @@ pub struct ConfigConstraintReloadOptionsAutoTrigger { pub struct ConfigConstraintReloadOptionsShellTrigger { /// When `batchReload` is set to 'True', this parameter allows for the optional specification of the batch input format that is passed into the STDIN of the script. The format should be provided as a Go template string. In the template, the updated parameters' key-value map can be referenced using the dollar sign ('$') variable. Here's an example of an input template: /// ```yaml - /// batchInputTemplate: |- + /// batchParametersTemplate: |- /// {{- range $pKey, $pValue := $ }} /// {{ printf "%s:%s" $pKey $pValue }} /// {{- end }} @@ -222,8 +222,8 @@ pub struct ConfigConstraintReloadOptionsShellTrigger { /// key2=value2 /// key3=value3 /// ``` - #[serde(default, skip_serializing_if = "Option::is_none", rename = "batchInputTemplate")] - pub batch_input_template: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "batchParametersTemplate")] + pub batch_parameters_template: Option, /// Specifies whether to reconfigure dynamic parameters individually or in a batch. - Set to 'True' to execute the reload action in a batch, incorporating all parameter changes. - Set to 'False' to execute the reload action for each parameter change individually. The default value is 'False'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "batchReload")] pub batch_reload: Option, @@ -335,7 +335,7 @@ pub struct ConfigConstraintScriptConfigs { pub script_config_map_ref: String, } -/// Used to match labels on the pod to do a dynamic reload TODO (refactored to DynamicReloadSelector) +/// Used to match labels on the pod to do a dynamic reload #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -358,7 +358,7 @@ pub struct ConfigConstraintSelectorMatchExpressions { pub values: Option>, } -/// Tools used by the dynamic reload actions. Usually it is referenced by the 'init container' for 'cp' it to a binary volume. TODO (refactored to ReloadToolsImage) +/// Tools used by the dynamic reload actions. Usually it is referenced by the 'init container' for 'cp' it to a binary volume. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintToolsImageSpec { /// Represents the point where the scripts file will be mounted. diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1beta1/configconstraints.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1beta1/configconstraints.rs new file mode 100644 index 000000000..b2672a1c9 --- /dev/null +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1beta1/configconstraints.rs @@ -0,0 +1,403 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1beta1/configconstraints.yaml --derive=Default --derive=PartialEq +// kopium version: 0.17.2 + +use kube::CustomResource; +use serde::{Serialize, Deserialize}; +use std::collections::BTreeMap; +use std::collections::HashMap; +use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; + +/// ConfigConstraintSpec defines the desired state of ConfigConstraint +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[kube(group = "apps.kubeblocks.io", version = "v1beta1", kind = "ConfigConstraint", plural = "configconstraints")] +#[kube(status = "ConfigConstraintStatus")] +#[kube(schema = "disabled")] +pub struct ConfigConstraintSpec { + /// List constraints rules for each config parameters. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configSchema")] + pub config_schema: Option, + /// Top level key used to get the cue rules to validate the config file. It must exist in 'ConfigSchema' + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configSchemaTopLevelKey")] + pub config_schema_top_level_key: Option, + /// A set of actions for regenerating local configs. + /// It works when: - different engine roles have different config, such as redis primary & secondary - after a role switch, the local config will be regenerated with the help of DownwardActions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardActions")] + pub downward_actions: Option>, + /// Indicates the dynamic reload action and restart action can be merged to a restart action. + /// When a batch of parameters updates incur both restart & dynamic reload, it works as: - set to true, the two actions merged to only one restart action - set to false, the two actions cannot be merged, the actions executed in order [dynamic reload, restart] + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dynamicActionCanBeMerged")] + pub dynamic_action_can_be_merged: Option, + /// Specifies the policy for selecting the parameters of dynamic reload actions. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dynamicParameterSelectedPolicy")] + pub dynamic_parameter_selected_policy: Option, + /// A list of DynamicParameter. Modifications of dynamic parameters trigger a reload action without process restart. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dynamicParameters")] + pub dynamic_parameters: Option>, + /// Specifies the dynamic reload actions supported by the engine. If set, the controller call the scripts defined in the actions for a dynamic parameter upgrade. The actions are called only when the modified parameter is defined in dynamicParameters part && DynamicReloadAction != nil + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dynamicReloadAction")] + pub dynamic_reload_action: Option, + /// Used to match labels on the pod to do a dynamic reload + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dynamicReloadSelector")] + pub dynamic_reload_selector: Option, + /// Describes the format of the config file. The controller works as follows: 1. Parse the config file 2. Get the modified parameters 3. Trigger the corresponding action + #[serde(rename = "formatterConfig")] + pub formatter_config: ConfigConstraintFormatterConfig, + /// Describes parameters that are prohibited to do any modifications. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "immutableParameters")] + pub immutable_parameters: Option>, + /// Tools used by the dynamic reload actions. Usually it is referenced by the 'init container' for 'cp' it to a binary volume. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reloadToolsImage")] + pub reload_tools_image: Option, + /// A list of ScriptConfig used by the actions defined in dynamic reload and downward actions. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "scriptConfigs")] + pub script_configs: Option>, + /// A list of StaticParameter. Modifications of static parameters trigger a process restart. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "staticParameters")] + pub static_parameters: Option>, +} + +/// List constraints rules for each config parameters. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintConfigSchema { + /// Enables providers to verify user configurations using the CUE language. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cue: Option, + /// Transforms the schema from CUE to json for further OpenAPI validation + #[serde(default, skip_serializing_if = "Option::is_none", rename = "schemaInJSON")] + pub schema_in_json: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintDownwardActions { + /// The command used to execute for the downward API. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, + /// Represents a list of downward API volume files. + pub items: Vec, + /// Specifies the mount point of the scripts file. + #[serde(rename = "mountPoint")] + pub mount_point: String, + /// Specifies the name of the field. It must be a string of maximum length 63. The name should match the regex pattern `^[a-z0-9]([a-z0-9\.\-]*[a-z0-9])?$`. + pub name: String, +} + +/// DownwardAPIVolumeFile represents information to create the file containing the pod field +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintDownwardActionsItems { + /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mode: Option, + /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' + pub path: String, + /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, +} + +/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintDownwardActionsItemsFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Path of the field to select in the specified API version. + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintDownwardActionsItemsResourceFieldRef { + /// Container name: required for volumes, optional for env vars + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + /// Required: resource to select + pub resource: String, +} + +/// ConfigConstraintSpec defines the desired state of ConfigConstraint +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ConfigConstraintDynamicParameterSelectedPolicy { + #[serde(rename = "all")] + All, + #[serde(rename = "dynamic")] + Dynamic, +} + +/// Specifies the dynamic reload actions supported by the engine. If set, the controller call the scripts defined in the actions for a dynamic parameter upgrade. The actions are called only when the modified parameter is defined in dynamicParameters part && DynamicReloadAction != nil +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintDynamicReloadAction { + /// Used to automatically perform the reload command when conditions are met. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoTrigger")] + pub auto_trigger: Option, + /// Used to perform the reload command in shell script. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "shellTrigger")] + pub shell_trigger: Option, + /// Used to perform the reload command by Go template script. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tplScriptTrigger")] + pub tpl_script_trigger: Option, + /// Used to trigger a reload by sending a Unix signal to the process. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "unixSignalTrigger")] + pub unix_signal_trigger: Option, +} + +/// Used to automatically perform the reload command when conditions are met. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintDynamicReloadActionAutoTrigger { + /// The name of the process. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "processName")] + pub process_name: Option, +} + +/// Used to perform the reload command in shell script. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintDynamicReloadActionShellTrigger { + /// When `batchReload` is set to 'True', this parameter allows for the optional specification of the batch input format that is passed into the STDIN of the script. The format should be provided as a Go template string. In the template, the updated parameters' key-value map can be referenced using the dollar sign ('$') variable. Here's an example of an input template: + /// ```yaml + /// batchParametersTemplate: |- + /// {{- range $pKey, $pValue := $ }} + /// {{ printf "%s:%s" $pKey $pValue }} + /// {{- end }} + /// ``` + /// In this example, each updated parameter is iterated over in a sorted order by keys to generate the batch input data as follows: + /// ``` + /// key1:value1 + /// key2:value2 + /// key3:value3 + /// ``` + /// If this parameter is not specified, the default format used for STDIN is as follows: Each updated parameter generates a line that concatenates the parameter's key and value with a equal sign ('='). These lines are then sorted by their keys and inserted accordingly. Here's an example of the batch input data using the default template: + /// ``` + /// key1=value1 + /// key2=value2 + /// key3=value3 + /// ``` + #[serde(default, skip_serializing_if = "Option::is_none", rename = "batchParametersTemplate")] + pub batch_parameters_template: Option, + /// Specifies whether to reconfigure dynamic parameters individually or in a batch. - Set to 'True' to execute the reload action in a batch, incorporating all parameter changes. - Set to 'False' to execute the reload action for each parameter change individually. The default value is 'False'. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "batchReload")] + pub batch_reload: Option, + /// Specifies the list of commands for reload. + pub command: Vec, + /// Specifies whether to synchronize updates parameters to the config manager. Specifies two ways of controller to reload the parameter: - set to 'True', execute the reload action in sync mode, wait for the completion of reload - set to 'False', execute the reload action in async mode, just update the 'Configmap', no need to wait + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sync: Option, +} + +/// Used to perform the reload command by Go template script. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintDynamicReloadActionTplScriptTrigger { + /// Specifies the namespace where the referenced tpl script ConfigMap in. If left empty, by default in the "default" namespace. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Specifies the reference to the ConfigMap that contains the script to be executed for reload. + #[serde(rename = "scriptConfigMapRef")] + pub script_config_map_ref: String, + /// Specifies whether to synchronize updates parameters to the config manager. Specifies two ways of controller to reload the parameter: - set to 'True', execute the reload action in sync mode, wait for the completion of reload - set to 'False', execute the reload action in async mode, just update the 'Configmap', no need to wait + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sync: Option, +} + +/// Used to trigger a reload by sending a Unix signal to the process. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintDynamicReloadActionUnixSignalTrigger { + /// Represents the name of the process that the Unix signal sent to. + #[serde(rename = "processName")] + pub process_name: String, + /// Represents a valid Unix signal. Refer to the following URL for a list of all Unix signals: ../../pkg/configuration/configmap/handler.go:allUnixSignals + pub signal: ConfigConstraintDynamicReloadActionUnixSignalTriggerSignal, +} + +/// Used to trigger a reload by sending a Unix signal to the process. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ConfigConstraintDynamicReloadActionUnixSignalTriggerSignal { + #[serde(rename = "SIGHUP")] + Sighup, + #[serde(rename = "SIGINT")] + Sigint, + #[serde(rename = "SIGQUIT")] + Sigquit, + #[serde(rename = "SIGILL")] + Sigill, + #[serde(rename = "SIGTRAP")] + Sigtrap, + #[serde(rename = "SIGABRT")] + Sigabrt, + #[serde(rename = "SIGBUS")] + Sigbus, + #[serde(rename = "SIGFPE")] + Sigfpe, + #[serde(rename = "SIGKILL")] + Sigkill, + #[serde(rename = "SIGUSR1")] + Sigusr1, + #[serde(rename = "SIGSEGV")] + Sigsegv, + #[serde(rename = "SIGUSR2")] + Sigusr2, + #[serde(rename = "SIGPIPE")] + Sigpipe, + #[serde(rename = "SIGALRM")] + Sigalrm, + #[serde(rename = "SIGTERM")] + Sigterm, + #[serde(rename = "SIGSTKFLT")] + Sigstkflt, + #[serde(rename = "SIGCHLD")] + Sigchld, + #[serde(rename = "SIGCONT")] + Sigcont, + #[serde(rename = "SIGSTOP")] + Sigstop, + #[serde(rename = "SIGTSTP")] + Sigtstp, + #[serde(rename = "SIGTTIN")] + Sigttin, + #[serde(rename = "SIGTTOU")] + Sigttou, + #[serde(rename = "SIGURG")] + Sigurg, + #[serde(rename = "SIGXCPU")] + Sigxcpu, + #[serde(rename = "SIGXFSZ")] + Sigxfsz, + #[serde(rename = "SIGVTALRM")] + Sigvtalrm, + #[serde(rename = "SIGPROF")] + Sigprof, + #[serde(rename = "SIGWINCH")] + Sigwinch, + #[serde(rename = "SIGIO")] + Sigio, + #[serde(rename = "SIGPWR")] + Sigpwr, + #[serde(rename = "SIGSYS")] + Sigsys, +} + +/// Used to match labels on the pod to do a dynamic reload +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintDynamicReloadSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintDynamicReloadSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes the format of the config file. The controller works as follows: 1. Parse the config file 2. Get the modified parameters 3. Trigger the corresponding action +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintFormatterConfig { + /// The config file format. Valid values are `ini`, `xml`, `yaml`, `json`, `hcl`, `dotenv`, `properties` and `toml`. Each format has its own characteristics and use cases. + /// - ini: is a text-based content with a structure and syntax comprising key–value pairs for properties, reference wiki: https://en.wikipedia.org/wiki/INI_file - xml: refers to wiki: https://en.wikipedia.org/wiki/XML - yaml: supports for complex data types and structures. - json: refers to wiki: https://en.wikipedia.org/wiki/JSON - hcl: The HashiCorp Configuration Language (HCL) is a configuration language authored by HashiCorp, reference url: https://www.linode.com/docs/guides/introduction-to-hcl/ - dotenv: is a plain text file with simple key–value pairs, reference wiki: https://en.wikipedia.org/wiki/Configuration_file#MS-DOS - properties: a file extension mainly used in Java, reference wiki: https://en.wikipedia.org/wiki/.properties - toml: refers to wiki: https://en.wikipedia.org/wiki/TOML - props-plus: a file extension mainly used in Java, supports CamelCase(e.g: brokerMaxConnectionsPerIp) + pub format: ConfigConstraintFormatterConfigFormat, + /// A pointer to an IniConfig struct that holds the ini options. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "iniConfig")] + pub ini_config: Option, +} + +/// Describes the format of the config file. The controller works as follows: 1. Parse the config file 2. Get the modified parameters 3. Trigger the corresponding action +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ConfigConstraintFormatterConfigFormat { + #[serde(rename = "xml")] + Xml, + #[serde(rename = "ini")] + Ini, + #[serde(rename = "yaml")] + Yaml, + #[serde(rename = "json")] + Json, + #[serde(rename = "hcl")] + Hcl, + #[serde(rename = "dotenv")] + Dotenv, + #[serde(rename = "toml")] + Toml, + #[serde(rename = "properties")] + Properties, + #[serde(rename = "redis")] + Redis, + #[serde(rename = "props-plus")] + PropsPlus, +} + +/// A pointer to an IniConfig struct that holds the ini options. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintFormatterConfigIniConfig { + /// A string that describes the name of the ini section. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sectionName")] + pub section_name: Option, +} + +/// Tools used by the dynamic reload actions. Usually it is referenced by the 'init container' for 'cp' it to a binary volume. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintReloadToolsImage { + /// Represents the point where the scripts file will be mounted. + #[serde(rename = "mountPoint")] + pub mount_point: String, + /// Used to configure the initialization container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "toolConfigs")] + pub tool_configs: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintReloadToolsImageToolConfigs { + /// Commands to be executed when init containers. + pub command: Vec, + /// Represents the url of the tool container image. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + /// Specifies the name of the initContainer. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintScriptConfigs { + /// Specifies the namespace where the referenced tpl script ConfigMap in. If left empty, by default in the "default" namespace. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Specifies the reference to the ConfigMap that contains the script to be executed for reload. + #[serde(rename = "scriptConfigMapRef")] + pub script_config_map_ref: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigConstraintStatus { + /// Provides descriptions for abnormal states. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, + /// Refers to the most recent generation observed for this ConfigConstraint. This value is updated by the API Server. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, + /// Specifies the status of the configuration template. When set to CCAvailablePhase, the ConfigConstraint can be referenced by ClusterDefinition or ClusterVersion. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub phase: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ConfigConstraintStatusPhase { + Available, + Unavailable, + Deleting, +} + diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1beta1/mod.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1beta1/mod.rs new file mode 100644 index 000000000..4d38d8ce5 --- /dev/null +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1beta1/mod.rs @@ -0,0 +1 @@ +pub mod configconstraints; diff --git a/kube-custom-resources-rs/src/awx_ansible_com/v1beta1/awxs.rs b/kube-custom-resources-rs/src/awx_ansible_com/v1beta1/awxs.rs index 4dd08449f..94e9def0e 100644 --- a/kube-custom-resources-rs/src/awx_ansible_com/v1beta1/awxs.rs +++ b/kube-custom-resources-rs/src/awx_ansible_com/v1beta1/awxs.rs @@ -234,9 +234,9 @@ pub struct AWXSpec { /// Secret where the database configuration can be found #[serde(default, skip_serializing_if = "Option::is_none")] pub postgres_configuration_secret: Option, - /// Path where the PostgreSQL data are located + /// Sets permissions on the /var/lib/pgdata/data for postgres container using an init container (not Openshift) #[serde(default, skip_serializing_if = "Option::is_none")] - pub postgres_data_path: Option, + pub postgres_data_volume_init: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub postgres_extra_args: Option>, /// Specify volume mounts to be added to Postgres container @@ -251,7 +251,10 @@ pub struct AWXSpec { /// PostgreSQL container image version to use #[serde(default, skip_serializing_if = "Option::is_none")] pub postgres_image_version: Option, - /// Resource requirements for the postgres init container + /// Customize the postgres init container commands (Non Openshift) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub postgres_init_container_commands: Option, + /// (Deprecated, use postgres_resource_requirements parameter) Resource requirements for the postgres init container #[serde(default, skip_serializing_if = "Option::is_none")] pub postgres_init_container_resource_requirements: Option, /// Specify whether or not to keep the old PVC after PostgreSQL upgrades @@ -923,7 +926,7 @@ pub enum AWXLoadbalancerProtocol { Https, } -/// Resource requirements for the postgres init container +/// (Deprecated, use postgres_resource_requirements parameter) Resource requirements for the postgres init container #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AWXPostgresInitContainerResourceRequirements { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/proxyconfigpromotes.rs b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/proxyconfigpromotes.rs index 314216248..ae9d26c0c 100644 --- a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/proxyconfigpromotes.rs +++ b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/proxyconfigpromotes.rs @@ -27,7 +27,7 @@ pub struct ProxyConfigPromoteSpec { /// ProxyConfigPromoteStatus defines the observed state of ProxyConfigPromote #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ProxyConfigPromoteStatus { - /// Current state of the activedoc resource. Conditions represent the latest available observations of an object's state + /// Current state of the ProxyConfigPromote resource. Conditions represent the latest available observations of an object's state #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// The latest Version in production diff --git a/kube-custom-resources-rs/src/ceph_rook_io/v1/cephobjectstores.rs b/kube-custom-resources-rs/src/ceph_rook_io/v1/cephobjectstores.rs index 00315c16d..76688f197 100644 --- a/kube-custom-resources-rs/src/ceph_rook_io/v1/cephobjectstores.rs +++ b/kube-custom-resources-rs/src/ceph_rook_io/v1/cephobjectstores.rs @@ -296,7 +296,7 @@ pub struct CephObjectStoreGatewayExternalRgwEndpoints { /// The DNS-addressable Hostname of this endpoint. This field will be preferred over IP if both are given. #[serde(default, skip_serializing_if = "Option::is_none")] pub hostname: Option, - /// The IP of this endpoint. As a legacy behavior, this supports being given a DNS-adressable hostname as well. + /// The IP of this endpoint. As a legacy behavior, this supports being given a DNS-addressable hostname as well. #[serde(default, skip_serializing_if = "Option::is_none")] pub ip: Option, } diff --git a/kube-custom-resources-rs/src/cilium_io/v2/ciliumclusterwidenetworkpolicies.rs b/kube-custom-resources-rs/src/cilium_io/v2/ciliumclusterwidenetworkpolicies.rs index e34cb70e4..92d1cb854 100644 --- a/kube-custom-resources-rs/src/cilium_io/v2/ciliumclusterwidenetworkpolicies.rs +++ b/kube-custom-resources-rs/src/cilium_io/v2/ciliumclusterwidenetworkpolicies.rs @@ -147,7 +147,7 @@ pub struct CiliumClusterwideNetworkPolicyEgressToCidrSet { /// CIDR is a CIDR prefix / IP Block. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from. + /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule is not allowed to initiate connections to. These CIDR prefixes should be contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not supported yet. These exceptions are only applied to the Cidr in this CIDRRule, and do not apply to any other CIDR prefixes in any other CIDRRules. @@ -686,7 +686,7 @@ pub struct CiliumClusterwideNetworkPolicyEgressDenyToCidrSet { /// CIDR is a CIDR prefix / IP Block. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from. + /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule is not allowed to initiate connections to. These CIDR prefixes should be contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not supported yet. These exceptions are only applied to the Cidr in this CIDRRule, and do not apply to any other CIDR prefixes in any other CIDRRules. @@ -1020,7 +1020,7 @@ pub struct CiliumClusterwideNetworkPolicyIngressFromCidrSet { /// CIDR is a CIDR prefix / IP Block. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from. + /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule is not allowed to initiate connections to. These CIDR prefixes should be contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not supported yet. These exceptions are only applied to the Cidr in this CIDRRule, and do not apply to any other CIDR prefixes in any other CIDRRules. @@ -1483,7 +1483,7 @@ pub struct CiliumClusterwideNetworkPolicyIngressDenyFromCidrSet { /// CIDR is a CIDR prefix / IP Block. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from. + /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule is not allowed to initiate connections to. These CIDR prefixes should be contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not supported yet. These exceptions are only applied to the Cidr in this CIDRRule, and do not apply to any other CIDR prefixes in any other CIDRRules. @@ -1849,7 +1849,7 @@ pub struct CiliumClusterwideNetworkPolicysEgressToCidrSet { /// CIDR is a CIDR prefix / IP Block. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from. + /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule is not allowed to initiate connections to. These CIDR prefixes should be contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not supported yet. These exceptions are only applied to the Cidr in this CIDRRule, and do not apply to any other CIDR prefixes in any other CIDRRules. @@ -2388,7 +2388,7 @@ pub struct CiliumClusterwideNetworkPolicysEgressDenyToCidrSet { /// CIDR is a CIDR prefix / IP Block. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from. + /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule is not allowed to initiate connections to. These CIDR prefixes should be contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not supported yet. These exceptions are only applied to the Cidr in this CIDRRule, and do not apply to any other CIDR prefixes in any other CIDRRules. @@ -2722,7 +2722,7 @@ pub struct CiliumClusterwideNetworkPolicysIngressFromCidrSet { /// CIDR is a CIDR prefix / IP Block. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from. + /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule is not allowed to initiate connections to. These CIDR prefixes should be contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not supported yet. These exceptions are only applied to the Cidr in this CIDRRule, and do not apply to any other CIDR prefixes in any other CIDRRules. @@ -3185,7 +3185,7 @@ pub struct CiliumClusterwideNetworkPolicysIngressDenyFromCidrSet { /// CIDR is a CIDR prefix / IP Block. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from. + /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule is not allowed to initiate connections to. These CIDR prefixes should be contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not supported yet. These exceptions are only applied to the Cidr in this CIDRRule, and do not apply to any other CIDR prefixes in any other CIDRRules. diff --git a/kube-custom-resources-rs/src/cilium_io/v2/ciliumnetworkpolicies.rs b/kube-custom-resources-rs/src/cilium_io/v2/ciliumnetworkpolicies.rs index 7d82d0e50..a5e0f236f 100644 --- a/kube-custom-resources-rs/src/cilium_io/v2/ciliumnetworkpolicies.rs +++ b/kube-custom-resources-rs/src/cilium_io/v2/ciliumnetworkpolicies.rs @@ -148,7 +148,7 @@ pub struct CiliumNetworkPolicyEgressToCidrSet { /// CIDR is a CIDR prefix / IP Block. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from. + /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule is not allowed to initiate connections to. These CIDR prefixes should be contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not supported yet. These exceptions are only applied to the Cidr in this CIDRRule, and do not apply to any other CIDR prefixes in any other CIDRRules. @@ -687,7 +687,7 @@ pub struct CiliumNetworkPolicyEgressDenyToCidrSet { /// CIDR is a CIDR prefix / IP Block. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from. + /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule is not allowed to initiate connections to. These CIDR prefixes should be contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not supported yet. These exceptions are only applied to the Cidr in this CIDRRule, and do not apply to any other CIDR prefixes in any other CIDRRules. @@ -1021,7 +1021,7 @@ pub struct CiliumNetworkPolicyIngressFromCidrSet { /// CIDR is a CIDR prefix / IP Block. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from. + /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule is not allowed to initiate connections to. These CIDR prefixes should be contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not supported yet. These exceptions are only applied to the Cidr in this CIDRRule, and do not apply to any other CIDR prefixes in any other CIDRRules. @@ -1484,7 +1484,7 @@ pub struct CiliumNetworkPolicyIngressDenyFromCidrSet { /// CIDR is a CIDR prefix / IP Block. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from. + /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule is not allowed to initiate connections to. These CIDR prefixes should be contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not supported yet. These exceptions are only applied to the Cidr in this CIDRRule, and do not apply to any other CIDR prefixes in any other CIDRRules. @@ -1850,7 +1850,7 @@ pub struct CiliumNetworkPolicysEgressToCidrSet { /// CIDR is a CIDR prefix / IP Block. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from. + /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule is not allowed to initiate connections to. These CIDR prefixes should be contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not supported yet. These exceptions are only applied to the Cidr in this CIDRRule, and do not apply to any other CIDR prefixes in any other CIDRRules. @@ -2389,7 +2389,7 @@ pub struct CiliumNetworkPolicysEgressDenyToCidrSet { /// CIDR is a CIDR prefix / IP Block. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from. + /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule is not allowed to initiate connections to. These CIDR prefixes should be contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not supported yet. These exceptions are only applied to the Cidr in this CIDRRule, and do not apply to any other CIDR prefixes in any other CIDRRules. @@ -2723,7 +2723,7 @@ pub struct CiliumNetworkPolicysIngressFromCidrSet { /// CIDR is a CIDR prefix / IP Block. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from. + /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule is not allowed to initiate connections to. These CIDR prefixes should be contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not supported yet. These exceptions are only applied to the Cidr in this CIDRRule, and do not apply to any other CIDR prefixes in any other CIDRRules. @@ -3186,7 +3186,7 @@ pub struct CiliumNetworkPolicysIngressDenyFromCidrSet { /// CIDR is a CIDR prefix / IP Block. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny) receive connections from. + /// CIDRGroupRef is a reference to a CiliumCIDRGroup object. A CiliumCIDRGroup contains a list of CIDRs that the endpoint, subject to the rule, can (Ingress/Egress) or cannot (IngressDeny/EgressDeny) receive connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule is not allowed to initiate connections to. These CIDR prefixes should be contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not supported yet. These exceptions are only applied to the Cidr in this CIDRRule, and do not apply to any other CIDR prefixes in any other CIDRRules. diff --git a/kube-custom-resources-rs/src/expansion_gatekeeper_sh/v1alpha1/expansiontemplate.rs b/kube-custom-resources-rs/src/expansion_gatekeeper_sh/v1alpha1/expansiontemplate.rs index d81b6b3e9..9b7a9faec 100644 --- a/kube-custom-resources-rs/src/expansion_gatekeeper_sh/v1alpha1/expansiontemplate.rs +++ b/kube-custom-resources-rs/src/expansion_gatekeeper_sh/v1alpha1/expansiontemplate.rs @@ -11,21 +11,28 @@ use serde::{Serialize, Deserialize}; #[kube(status = "ExpansionTemplateStatus")] #[kube(schema = "disabled")] pub struct ExpansionTemplateSpec { - /// ApplyTo lists the specific groups, versions and kinds of generator resources which will be expanded. + /// ApplyTo lists the specific groups, versions and kinds of generator resources + /// which will be expanded. #[serde(default, skip_serializing_if = "Option::is_none", rename = "applyTo")] pub apply_to: Option>, - /// EnforcementAction specifies the enforcement action to be used for resources matching the ExpansionTemplate. Specifying an empty value will use the enforcement action specified by the Constraint in violation. + /// EnforcementAction specifies the enforcement action to be used for resources + /// matching the ExpansionTemplate. Specifying an empty value will use the + /// enforcement action specified by the Constraint in violation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enforcementAction")] pub enforcement_action: Option, - /// GeneratedGVK specifies the GVK of the resources which the generator resource creates. + /// GeneratedGVK specifies the GVK of the resources which the generator + /// resource creates. #[serde(default, skip_serializing_if = "Option::is_none", rename = "generatedGVK")] pub generated_gvk: Option, - /// TemplateSource specifies the source field on the generator resource to use as the base for expanded resource. For Pod-creating generators, this is usually spec.template + /// TemplateSource specifies the source field on the generator resource to + /// use as the base for expanded resource. For Pod-creating generators, this + /// is usually spec.template #[serde(default, skip_serializing_if = "Option::is_none", rename = "templateSource")] pub template_source: Option, } -/// ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed. +/// ApplyTo determines what GVKs items the mutation should apply to. +/// Globs are not allowed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExpansionTemplateApplyTo { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -36,7 +43,8 @@ pub struct ExpansionTemplateApplyTo { pub versions: Option>, } -/// GeneratedGVK specifies the GVK of the resources which the generator resource creates. +/// GeneratedGVK specifies the GVK of the resources which the generator +/// resource creates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExpansionTemplateGeneratedGvk { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -66,7 +74,9 @@ pub struct ExpansionTemplateStatusByPod { pub observed_generation: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub operations: Option>, - /// UID is a type that holds unique ID values, including UUIDs. Because we don't ONLY use UUIDs, this is an alias to string. Being a type captures intent and helps make sure that UIDs and names do not get conflated. + /// UID is a type that holds unique ID values, including UUIDs. Because we + /// don't ONLY use UUIDs, this is an alias to string. Being a type captures + /// intent and helps make sure that UIDs and names do not get conflated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "templateUID")] pub template_uid: Option, } diff --git a/kube-custom-resources-rs/src/expansion_gatekeeper_sh/v1beta1/expansiontemplate.rs b/kube-custom-resources-rs/src/expansion_gatekeeper_sh/v1beta1/expansiontemplate.rs index f69210b7a..9aef55293 100644 --- a/kube-custom-resources-rs/src/expansion_gatekeeper_sh/v1beta1/expansiontemplate.rs +++ b/kube-custom-resources-rs/src/expansion_gatekeeper_sh/v1beta1/expansiontemplate.rs @@ -11,21 +11,28 @@ use serde::{Serialize, Deserialize}; #[kube(status = "ExpansionTemplateStatus")] #[kube(schema = "disabled")] pub struct ExpansionTemplateSpec { - /// ApplyTo lists the specific groups, versions and kinds of generator resources which will be expanded. + /// ApplyTo lists the specific groups, versions and kinds of generator resources + /// which will be expanded. #[serde(default, skip_serializing_if = "Option::is_none", rename = "applyTo")] pub apply_to: Option>, - /// EnforcementAction specifies the enforcement action to be used for resources matching the ExpansionTemplate. Specifying an empty value will use the enforcement action specified by the Constraint in violation. + /// EnforcementAction specifies the enforcement action to be used for resources + /// matching the ExpansionTemplate. Specifying an empty value will use the + /// enforcement action specified by the Constraint in violation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enforcementAction")] pub enforcement_action: Option, - /// GeneratedGVK specifies the GVK of the resources which the generator resource creates. + /// GeneratedGVK specifies the GVK of the resources which the generator + /// resource creates. #[serde(default, skip_serializing_if = "Option::is_none", rename = "generatedGVK")] pub generated_gvk: Option, - /// TemplateSource specifies the source field on the generator resource to use as the base for expanded resource. For Pod-creating generators, this is usually spec.template + /// TemplateSource specifies the source field on the generator resource to + /// use as the base for expanded resource. For Pod-creating generators, this + /// is usually spec.template #[serde(default, skip_serializing_if = "Option::is_none", rename = "templateSource")] pub template_source: Option, } -/// ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed. +/// ApplyTo determines what GVKs items the mutation should apply to. +/// Globs are not allowed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExpansionTemplateApplyTo { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -36,7 +43,8 @@ pub struct ExpansionTemplateApplyTo { pub versions: Option>, } -/// GeneratedGVK specifies the GVK of the resources which the generator resource creates. +/// GeneratedGVK specifies the GVK of the resources which the generator +/// resource creates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExpansionTemplateGeneratedGvk { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -66,7 +74,9 @@ pub struct ExpansionTemplateStatusByPod { pub observed_generation: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub operations: Option>, - /// UID is a type that holds unique ID values, including UUIDs. Because we don't ONLY use UUIDs, this is an alias to string. Being a type captures intent and helps make sure that UIDs and names do not get conflated. + /// UID is a type that holds unique ID values, including UUIDs. Because we + /// don't ONLY use UUIDs, this is an alias to string. Being a type captures + /// intent and helps make sure that UIDs and names do not get conflated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "templateUID")] pub template_uid: Option, } diff --git a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clusterexternalsecrets.rs b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clusterexternalsecrets.rs index f21bba4e0..42b18c8bd 100644 --- a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clusterexternalsecrets.rs +++ b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clusterexternalsecrets.rs @@ -22,8 +22,12 @@ pub struct ClusterExternalSecretSpec { #[serde(rename = "externalSecretSpec")] pub external_secret_spec: ClusterExternalSecretExternalSecretSpec, /// The labels to select by to find the Namespaces to create the ExternalSecrets in. + /// Deprecated: Use NamespaceSelectors instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, + /// A list of labels to select by to find the Namespaces to create the ExternalSecrets in. The selectors are ORed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelectors")] + pub namespace_selectors: Option>, /// Choose namespaces by name. This field is ORed with anything that NamespaceSelector ends up choosing. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, @@ -526,6 +530,7 @@ pub enum ClusterExternalSecretExternalSecretSpecTargetTemplateTemplateFromTarget } /// The labels to select by to find the Namespaces to create the ExternalSecrets in. +/// Deprecated: Use NamespaceSelectors instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterExternalSecretNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -555,6 +560,38 @@ pub struct ClusterExternalSecretNamespaceSelectorMatchExpressions { pub values: Option>, } +/// A label selector is a label query over a set of resources. The result of matchLabels and +/// matchExpressions are ANDed. An empty label selector matches all objects. A null +/// label selector matches no objects. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterExternalSecretNamespaceSelectors { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterExternalSecretNamespaceSelectorsMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// ClusterExternalSecretStatus defines the observed state of ClusterExternalSecret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterExternalSecretStatus { diff --git a/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobflows.rs b/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobflows.rs index 2a7e8e4e7..5a5ecbe17 100644 --- a/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobflows.rs +++ b/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobflows.rs @@ -6,21 +6,18 @@ use kube::CustomResource; use serde::{Serialize, Deserialize}; use std::collections::BTreeMap; -/// JobFlowSpec defines the desired state of JobFlow #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "flow.volcano.sh", version = "v1alpha1", kind = "JobFlow", plural = "jobflows")] #[kube(namespaced)] #[kube(status = "JobFlowStatus")] #[kube(schema = "disabled")] pub struct JobFlowSpec { - /// Foo is an example field of JobFlow. Edit jobflow_types.go to remove/update #[serde(default, skip_serializing_if = "Option::is_none")] pub flows: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "jobRetainPolicy")] pub job_retain_policy: Option, } -/// Flow defines the dependent of jobs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobFlowFlows { #[serde(default, skip_serializing_if = "Option::is_none", rename = "dependsOn")] @@ -48,7 +45,6 @@ pub struct JobFlowFlowsDependsOnProbe { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobFlowFlowsDependsOnProbeHttpGetList { - /// HTTPHeader describes a custom header to be used in HTTP probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeader")] pub http_header: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -59,12 +55,9 @@ pub struct JobFlowFlowsDependsOnProbeHttpGetList { pub task_name: Option, } -/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobFlowFlowsDependsOnProbeHttpGetListHttpHeader { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, - /// The header field value pub value: String, } @@ -83,7 +76,6 @@ pub struct JobFlowFlowsDependsOnProbeTcpSocketList { pub task_name: Option, } -/// JobFlowStatus defines the observed state of JobFlow #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobFlowStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "completedJobs")] @@ -110,7 +102,6 @@ pub struct JobFlowStatus { pub struct JobFlowStatusConditions { #[serde(default, skip_serializing_if = "Option::is_none", rename = "createTime")] pub create_time: Option, - /// JobPhase defines the phase of the job. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runningDuration")] @@ -121,7 +112,6 @@ pub struct JobFlowStatusConditions { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobFlowStatusConditionsTaskStatusCount { - /// The phase of Task. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option>, } @@ -138,7 +128,6 @@ pub struct JobFlowStatusJobStatusList { pub running_histories: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "startTimestamp")] pub start_timestamp: Option, - /// JobPhase defines the phase of the job. #[serde(default, skip_serializing_if = "Option::is_none")] pub state: Option, } @@ -149,7 +138,6 @@ pub struct JobFlowStatusJobStatusListRunningHistories { pub end_timestamp: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "startTimestamp")] pub start_timestamp: Option, - /// JobPhase defines the phase of the job. #[serde(default, skip_serializing_if = "Option::is_none")] pub state: Option, } diff --git a/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobtemplates.rs b/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobtemplates.rs index 6b9c8dba1..26d11bae3 100644 --- a/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobtemplates.rs +++ b/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobtemplates.rs @@ -7,143 +7,102 @@ use serde::{Serialize, Deserialize}; use std::collections::BTreeMap; use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; -/// JobSpec describes how the job execution will look like and when it will actually run. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "flow.volcano.sh", version = "v1alpha1", kind = "JobTemplate", plural = "jobtemplates")] #[kube(namespaced)] #[kube(status = "JobTemplateStatus")] #[kube(schema = "disabled")] pub struct JobTemplateSpec { - /// Specifies the maximum number of retries before marking this Job failed. Defaults to 3. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxRetry")] pub max_retry: Option, - /// The minimal available pods to run for this Job Defaults to the summary of tasks' replicas #[serde(default, skip_serializing_if = "Option::is_none", rename = "minAvailable")] pub min_available: Option, - /// The minimal success pods to run for this Job #[serde(default, skip_serializing_if = "Option::is_none", rename = "minSuccess")] pub min_success: Option, - /// Specifies the plugin of job Key is plugin name, value is the arguments of the plugin #[serde(default, skip_serializing_if = "Option::is_none")] pub plugins: Option>, - /// Specifies the default lifecycle of tasks #[serde(default, skip_serializing_if = "Option::is_none")] pub policies: Option>, - /// If specified, indicates the job's priority. #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, - /// Specifies the queue that will be used in the scheduler, "default" queue is used this leaves empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub queue: Option, - /// Running Estimate is a user running duration estimate for the job Default to nil #[serde(default, skip_serializing_if = "Option::is_none", rename = "runningEstimate")] pub running_estimate: Option, - /// SchedulerName is the default value of `tasks.template.spec.schedulerName`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] pub scheduler_name: Option, - /// Tasks specifies the task specification of Job #[serde(default, skip_serializing_if = "Option::is_none")] pub tasks: Option>, - /// ttlSecondsAfterFinished limits the lifetime of a Job that has finished execution (either Completed or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. If this field is unset, the Job won't be automatically deleted. If this field is set to zero, the Job becomes eligible to be deleted immediately after it finishes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ttlSecondsAfterFinished")] pub ttl_seconds_after_finished: Option, - /// The volumes mount on Job #[serde(default, skip_serializing_if = "Option::is_none")] pub volumes: Option>, } -/// LifecyclePolicy specifies the lifecycle and error handling of task and job. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplatePolicies { - /// The action that will be taken to the PodGroup according to Event. One of "Restart", "None". Default to None. #[serde(default, skip_serializing_if = "Option::is_none")] pub action: Option, - /// The Event recorded by scheduler; the controller takes actions according to this Event. #[serde(default, skip_serializing_if = "Option::is_none")] pub event: Option, - /// The Events recorded by scheduler; the controller takes actions according to this Events. #[serde(default, skip_serializing_if = "Option::is_none")] pub events: Option>, - /// The exit code of the pod container, controller will take action according to this code. Note: only one of `Event` or `ExitCode` can be specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "exitCode")] pub exit_code: Option, - /// Timeout is the grace period for controller to take actions. Default to nil (take action immediately). #[serde(default, skip_serializing_if = "Option::is_none")] pub timeout: Option, } -/// TaskSpec specifies the task specification of Job. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasks { - /// Specifies the tasks that this task depends on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dependsOn")] pub depends_on: Option, - /// Specifies the maximum number of retries before marking this Task failed. Defaults to 3. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxRetry")] pub max_retry: Option, - /// The minimal available pods to run for this Task Defaults to the task replicas #[serde(default, skip_serializing_if = "Option::is_none", rename = "minAvailable")] pub min_available: Option, - /// Name specifies the name of tasks #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specifies the lifecycle of task #[serde(default, skip_serializing_if = "Option::is_none")] pub policies: Option>, - /// Replicas specifies the replicas of this TaskSpec in Job #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, - /// Specifies the pod that will be created for this TaskSpec when executing a Job #[serde(default, skip_serializing_if = "Option::is_none")] pub template: Option, - /// Specifies the topology policy of task #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologyPolicy")] pub topology_policy: Option, } -/// Specifies the tasks that this task depends on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksDependsOn { - /// This field specifies that when there are multiple dependent tasks, as long as one task becomes the specified state, the task scheduling is triggered or all tasks must be changed to the specified state to trigger the task scheduling #[serde(default, skip_serializing_if = "Option::is_none")] pub iteration: Option, - /// Indicates the name of the tasks that this task depends on, which can depend on multiple tasks #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option>, } -/// LifecyclePolicy specifies the lifecycle and error handling of task and job. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksPolicies { - /// The action that will be taken to the PodGroup according to Event. One of "Restart", "None". Default to None. #[serde(default, skip_serializing_if = "Option::is_none")] pub action: Option, - /// The Event recorded by scheduler; the controller takes actions according to this Event. #[serde(default, skip_serializing_if = "Option::is_none")] pub event: Option, - /// The Events recorded by scheduler; the controller takes actions according to this Events. #[serde(default, skip_serializing_if = "Option::is_none")] pub events: Option>, - /// The exit code of the pod container, controller will take action according to this code. Note: only one of `Event` or `ExitCode` can be specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "exitCode")] pub exit_code: Option, - /// Timeout is the grace period for controller to take actions. Default to nil (take action immediately). #[serde(default, skip_serializing_if = "Option::is_none")] pub timeout: Option, } -/// Specifies the pod that will be created for this TaskSpec when executing a Job #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplate { - /// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, } -/// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -158,3581 +117,2459 @@ pub struct JobTemplateTasksTemplateMetadata { pub namespace: Option, } -/// Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpec { - /// Optional duration in seconds the pod may be active on the node relative to StartTime before the system will actively try to mark it failed and kill associated containers. Value must be a positive integer. #[serde(default, skip_serializing_if = "Option::is_none", rename = "activeDeadlineSeconds")] pub active_deadline_seconds: Option, - /// If specified, the pod's scheduling constraints #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, - /// AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "automountServiceAccountToken")] pub automount_service_account_token: Option, - /// List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. pub containers: Vec, - /// Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dnsConfig")] pub dns_config: Option, - /// Set DNS policy for the pod. Defaults to "ClusterFirst". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dnsPolicy")] pub dns_policy: Option, - /// EnableServiceLinks indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Optional: Defaults to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableServiceLinks")] pub enable_service_links: Option, - /// List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing pod to perform user-initiated actions such as debugging. This list cannot be specified when creating a pod, and it cannot be modified by updating the pod spec. In order to add an ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ephemeralContainers")] pub ephemeral_containers: Option>, - /// HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostAliases")] pub host_aliases: Option>, - /// Use the host's ipc namespace. Optional: Default to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIPC")] pub host_ipc: Option, - /// Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostNetwork")] pub host_network: Option, - /// Use the host's pid namespace. Optional: Default to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPID")] pub host_pid: Option, - /// Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostUsers")] pub host_users: Option, - /// Specifies the hostname of the Pod If not specified, the pod's hostname will be set to a system-defined value. #[serde(default, skip_serializing_if = "Option::is_none")] pub hostname: Option, - /// ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] pub image_pull_secrets: Option>, - /// List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "initContainers")] pub init_containers: Option>, - /// NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeName")] pub node_name: Option, - /// NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, - /// Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set. - /// If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions - /// If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup #[serde(default, skip_serializing_if = "Option::is_none")] pub os: Option, - /// Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. This field will be autopopulated at admission time by the RuntimeClass admission controller. If the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. The RuntimeClass admission controller will reject Pod create requests which have the overhead already set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub overhead: Option>, - /// PreemptionPolicy is the Policy for preempting pods with lower priority. One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preemptionPolicy")] pub preemption_policy: Option, - /// The priority value. Various system components use this field to find the priority of the pod. When Priority Admission Controller is enabled, it prevents users from setting this field. The admission controller populates this field from PriorityClassName. The higher the value, the higher the priority. #[serde(default, skip_serializing_if = "Option::is_none")] pub priority: Option, - /// If specified, indicates the pod's priority. "system-node-critical" and "system-cluster-critical" are two special keywords which indicate the highest priorities with the former being the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority will be default or zero if there is no default. #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, - /// If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to "True" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessGates")] pub readiness_gates: Option>, - /// ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceClaims")] pub resource_claims: Option>, - /// Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, - /// RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class #[serde(default, skip_serializing_if = "Option::is_none", rename = "runtimeClassName")] pub runtime_class_name: Option, - /// If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler. #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] pub scheduler_name: Option, - /// SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. - /// SchedulingGates can only be set at pod creation time, and be removed only afterwards. - /// This is a beta feature enabled by the PodSchedulingReadiness feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulingGates")] pub scheduling_gates: Option>, - /// SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, - /// ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] pub service_account_name: Option, - /// If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "setHostnameAsFQDN")] pub set_hostname_as_fqdn: Option, - /// Share a single process namespace between all of the containers in a pod. When this is set containers will be able to view and signal processes from other containers in the same pod, and the first process in each container will not be assigned PID 1. HostPID and ShareProcessNamespace cannot both be set. Optional: Default to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "shareProcessNamespace")] pub share_process_namespace: Option, - /// If specified, the fully qualified Pod hostname will be "...svc.". If not specified, the pod will not have a domainname at all. #[serde(default, skip_serializing_if = "Option::is_none")] pub subdomain: Option, - /// Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). If this value is nil, the default grace period will be used instead. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. Defaults to 30 seconds. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// If specified, the pod's tolerations. #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, - /// TopologySpreadConstraints describes how a group of pods ought to spread across topology domains. Scheduler will schedule pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologySpreadConstraints")] pub topology_spread_constraints: Option>, - /// List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes #[serde(default, skip_serializing_if = "Option::is_none")] pub volumes: Option>, } -/// If specified, the pod's scheduling constraints #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinity { - /// Describes node affinity scheduling rules for the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] pub node_affinity: Option, - /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] pub pod_affinity: Option, - /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] pub pod_anti_affinity: Option, } -/// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { - /// A node selector term, associated with the corresponding weight. pub preference: JobTemplateTasksTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, - /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. pub weight: i32, } -/// A node selector term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { - /// A list of node selector requirements by node's labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// A list of node selector requirements by node's fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { - /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { - /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// Required. A list of node selector terms. The terms are ORed. #[serde(rename = "nodeSelectorTerms")] pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { - /// A list of node selector requirements by node's labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// A list of node selector requirements by node's fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { - /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { - /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } -/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { - /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: JobTemplateTasksTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. pub weight: i32, } -/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } -/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { - /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: JobTemplateTasksTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. pub weight: i32, } -/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainers { - /// Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, - /// Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, - /// List of environment variables to set in the container. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. pub name: String, - /// List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, - /// Resources resize policy for the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] pub resize_policy: Option>, - /// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, - /// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, - /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, - /// Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } -/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersEnv { - /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, - /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } -/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersEnvValueFrom { - /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, - /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } -/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersEnvValueFromConfigMapKeyRef { - /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersEnvValueFromFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersEnvValueFromResourceFieldRef { - /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, - /// Required: resource to select pub resource: String, } -/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersEnvValueFromSecretKeyRef { - /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersEnvFrom { - /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, - /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, - /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } -/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// Actions that the management system should take in response to container lifecycle events. Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLifecyclePostStart { - /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, - /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } -/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, - /// The header field value pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLifecyclePostStartSleep { - /// Seconds is the number of seconds to sleep. pub seconds: i64, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLifecyclePostStartTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLifecyclePreStop { - /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, - /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } -/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, - /// The header field value pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLifecyclePreStopSleep { - /// Seconds is the number of seconds to sleep. pub seconds: i64, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLifecyclePreStopTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLivenessProbe { - /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } -/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLivenessProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, - /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } -/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, - /// The header field value pub value: String, } -/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersLivenessProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, - /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersReadinessProbe { - /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } -/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersReadinessProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, - /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } -/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, - /// The header field value pub value: String, } -/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersReadinessProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// ContainerResizePolicy represents resource resize policy for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersResizePolicy { - /// Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. #[serde(rename = "resourceName")] pub resource_name: String, - /// Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. #[serde(rename = "restartPolicy")] pub restart_policy: String, } -/// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. pub name: String, } -/// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersSecurityContextCapabilities { - /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, - /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersSecurityContextSeLinuxOptions { - /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, - /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, - /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, - /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, - /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersStartupProbe { - /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } -/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersStartupProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, - /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } -/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersStartupProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, - /// The header field value pub value: String, } -/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersStartupProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// volumeDevice describes a mapping of a raw block device within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersVolumeDevices { - /// devicePath is the path inside of the container that the device will be mapped to. #[serde(rename = "devicePath")] pub device_path: String, - /// name must match the name of a persistentVolumeClaim in the pod pub name: String, } -/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, - /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } -/// Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecDnsConfig { - /// A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. Duplicated nameservers will be removed. #[serde(default, skip_serializing_if = "Option::is_none")] pub nameservers: Option>, - /// A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. Duplicated search paths will be removed. #[serde(default, skip_serializing_if = "Option::is_none")] pub searches: Option>, } -/// PodDNSConfigOption defines DNS resolver options of a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecDnsConfigOptions { - /// Required. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } -/// An EphemeralContainer is a temporary container that you may add to an existing Pod for user-initiated activities such as debugging. Ephemeral containers have no resource or scheduling guarantees, and they will not be restarted when they exit or when a Pod is removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the Pod to exceed its resource allocation. -/// To add an ephemeral container, use the ephemeralcontainers subresource of an existing Pod. Ephemeral containers may not be removed or restarted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainers { - /// Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, - /// Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, - /// List of environment variables to set in the container. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// Container image name. More info: https://kubernetes.io/docs/concepts/containers/images #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// Lifecycle is not allowed for ephemeral containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// Probes are not allowed for ephemeral containers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Name of the ephemeral container specified as a DNS_LABEL. This name must be unique among all containers, init containers and ephemeral containers. pub name: String, - /// Ports are not allowed for ephemeral containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Probes are not allowed for ephemeral containers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, - /// Resources resize policy for the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] pub resize_policy: Option>, - /// Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, - /// Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// Probes are not allowed for ephemeral containers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, - /// If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec. - /// The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetContainerName")] pub target_container_name: Option, - /// Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, - /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, - /// Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } -/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersEnv { - /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, - /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } -/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersEnvValueFrom { - /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, - /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } -/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersEnvValueFromConfigMapKeyRef { - /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersEnvValueFromFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersEnvValueFromResourceFieldRef { - /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, - /// Required: resource to select pub resource: String, } -/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersEnvValueFromSecretKeyRef { - /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersEnvFrom { - /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, - /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, - /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } -/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// Lifecycle is not allowed for ephemeral containers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLifecyclePostStart { - /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, - /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } -/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, - /// The header field value pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLifecyclePostStartSleep { - /// Seconds is the number of seconds to sleep. pub seconds: i64, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLifecyclePostStartTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLifecyclePreStop { - /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, - /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } -/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, - /// The header field value pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLifecyclePreStopSleep { - /// Seconds is the number of seconds to sleep. pub seconds: i64, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLifecyclePreStopTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Probes are not allowed for ephemeral containers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLivenessProbe { - /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } -/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLivenessProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, - /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } -/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, - /// The header field value pub value: String, } -/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersLivenessProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, - /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// Probes are not allowed for ephemeral containers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersReadinessProbe { - /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } -/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersReadinessProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, - /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } -/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, - /// The header field value pub value: String, } -/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersReadinessProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// ContainerResizePolicy represents resource resize policy for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersResizePolicy { - /// Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. #[serde(rename = "resourceName")] pub resource_name: String, - /// Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. #[serde(rename = "restartPolicy")] pub restart_policy: String, } -/// Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. pub name: String, } -/// Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersSecurityContextCapabilities { - /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, - /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersSecurityContextSeLinuxOptions { - /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, - /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, - /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, - /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, - /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// Probes are not allowed for ephemeral containers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersStartupProbe { - /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } -/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersStartupProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, - /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } -/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersStartupProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, - /// The header field value pub value: String, } -/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersStartupProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// volumeDevice describes a mapping of a raw block device within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersVolumeDevices { - /// devicePath is the path inside of the container that the device will be mapped to. #[serde(rename = "devicePath")] pub device_path: String, - /// name must match the name of a persistentVolumeClaim in the pod pub name: String, } -/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, - /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } -/// HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecHostAliases { - /// Hostnames for the above IP address. #[serde(default, skip_serializing_if = "Option::is_none")] pub hostnames: Option>, - /// IP address of the host file entry. #[serde(default, skip_serializing_if = "Option::is_none")] pub ip: Option, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecImagePullSecrets { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainers { - /// Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, - /// Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, - /// List of environment variables to set in the container. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. pub name: String, - /// List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, - /// Resources resize policy for the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] pub resize_policy: Option>, - /// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, - /// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, - /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, - /// Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } -/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersEnv { - /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, - /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } -/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersEnvValueFrom { - /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, - /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } -/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersEnvValueFromConfigMapKeyRef { - /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersEnvValueFromFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersEnvValueFromResourceFieldRef { - /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, - /// Required: resource to select pub resource: String, } -/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersEnvValueFromSecretKeyRef { - /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersEnvFrom { - /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, - /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, - /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } -/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// Actions that the management system should take in response to container lifecycle events. Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLifecyclePostStart { - /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, - /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } -/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, - /// The header field value pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLifecyclePostStartSleep { - /// Seconds is the number of seconds to sleep. pub seconds: i64, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLifecyclePostStartTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLifecyclePreStop { - /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, - /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } -/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, - /// The header field value pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLifecyclePreStopSleep { - /// Seconds is the number of seconds to sleep. pub seconds: i64, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLifecyclePreStopTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLivenessProbe { - /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } -/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLivenessProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, - /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } -/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, - /// The header field value pub value: String, } -/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersLivenessProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, - /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersReadinessProbe { - /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } -/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersReadinessProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, - /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } -/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, - /// The header field value pub value: String, } -/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersReadinessProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// ContainerResizePolicy represents resource resize policy for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersResizePolicy { - /// Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. #[serde(rename = "resourceName")] pub resource_name: String, - /// Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. #[serde(rename = "restartPolicy")] pub restart_policy: String, } -/// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. pub name: String, } -/// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersSecurityContextCapabilities { - /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, - /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersSecurityContextSeLinuxOptions { - /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, - /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, - /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, - /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, - /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersStartupProbe { - /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } -/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersStartupProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, - /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } -/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersStartupProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, - /// The header field value pub value: String, } -/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersStartupProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// volumeDevice describes a mapping of a raw block device within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersVolumeDevices { - /// devicePath is the path inside of the container that the device will be mapped to. #[serde(rename = "devicePath")] pub device_path: String, - /// name must match the name of a persistentVolumeClaim in the pod pub name: String, } -/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, - /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } -/// Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set. -/// If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions -/// If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecOs { - /// Name is the name of the operating system. The currently supported values are linux and windows. Additional value may be defined in future and can be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration Clients should expect to handle additional values and treat unrecognized values in this field as os: null pub name: String, } -/// PodReadinessGate contains the reference to a pod condition #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecReadinessGates { - /// ConditionType refers to a condition in the pod's condition list with matching type. #[serde(rename = "conditionType")] pub condition_type: String, } -/// PodResourceClaim references exactly one ResourceClaim through a ClaimSource. It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecResourceClaims { - /// Name uniquely identifies this resource claim inside the pod. This must be a DNS_LABEL. pub name: String, - /// Source describes where to find the ResourceClaim. #[serde(default, skip_serializing_if = "Option::is_none")] pub source: Option, } -/// Source describes where to find the ResourceClaim. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecResourceClaimsSource { - /// ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceClaimName")] pub resource_claim_name: Option, - /// ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. - /// The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. - /// This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceClaimTemplateName")] pub resource_claim_template_name: Option, } -/// PodSchedulingGate is associated to a Pod to guard its scheduling. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecSchedulingGates { - /// Name of the scheduling gate. Each scheduling gate must have a unique name field. pub name: String, } -/// SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecSecurityContext { - /// A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: - /// 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- - /// If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, - /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] pub fs_group_change_policy: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, - /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, - /// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecSecurityContextSeLinuxOptions { - /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, - /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, - /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, - /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// Sysctl defines a kernel parameter to be set #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecSecurityContextSysctls { - /// Name of a property to set pub name: String, - /// Value of a property to set pub value: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, - /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } -/// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecTopologySpreadConstraintsLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecTopologySpreadConstraintsLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, - /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, - /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, - /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, - /// downwardAPI represents downward API about the pod that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. - /// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). - /// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. - /// A pod can use both types of ephemeral volumes and persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] pub ephemeral: Option, - /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub fc: Option, - /// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, - /// name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none")] pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, - /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, - /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, - /// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, - /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(rename = "volumeID")] pub volume_id: String, } -/// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesAzureDisk { - /// cachingMode is the Host Caching mode: None, Read Only, Read Write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cachingMode")] pub caching_mode: Option, - /// diskName is the Name of the data disk in the blob storage #[serde(rename = "diskName")] pub disk_name: String, - /// diskURI is the URI of data disk in the blob storage #[serde(rename = "diskURI")] pub disk_uri: String, - /// fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretName is the name of secret that contains Azure Storage Account Name and Key #[serde(rename = "secretName")] pub secret_name: String, - /// shareName is the azure share Name #[serde(rename = "shareName")] pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it pub monitors: Vec, - /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesCephfsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesCinder { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(rename = "volumeID")] pub volume_id: String, } -/// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesCinderSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// configMap represents a configMap that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// optional specify whether the ConfigMap or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesConfigMapItems { - /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] pub volume_attributes: Option>, } -/// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesCsiNodePublishSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// downwardAPI represents downward API about the pod that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// Items is a list of downward API volume file #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, } -/// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesDownwardApiItemsFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesDownwardApiItemsResourceFieldRef { - /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, - /// Required: resource to select pub resource: String, } -/// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none")] pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } -/// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. -/// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). -/// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. -/// A pod can use both types of ephemeral volumes and persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). - /// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. - /// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. - /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, } -/// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). -/// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. -/// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. -/// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. pub spec: JobTemplateTasksTemplateSpecVolumesEphemeralVolumeClaimTemplateSpec, } -/// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesEphemeralVolumeClaimTemplateMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3747,775 +2584,535 @@ pub struct JobTemplateTasksTemplateSpecVolumesEphemeralVolumeClaimTemplateMetada pub namespace: Option, } -/// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, - /// volumeName is the binding reference to the PersistentVolume backing this claim. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, - /// Kind is the type of resource being referenced pub kind: String, - /// Name is the name of resource being referenced pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, - /// Kind is the type of resource being referenced pub kind: String, - /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } -/// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { - /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesFc { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// lun is Optional: FC target lun number #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// targetWWNs is Optional: FC target worldwide names (WWNs) #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. #[serde(default, skip_serializing_if = "Option::is_none")] pub wwids: Option>, } -/// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesFlexVolume { - /// driver is the name of the driver to use for this volume. pub driver: String, - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// options is Optional: this field holds extra command options if any. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } -/// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesFlexVolumeSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] pub dataset_name: Option, - /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetUUID")] pub dataset_uuid: Option, } -/// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(rename = "pdName")] pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesGitRepo { - /// directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, - /// repository is the URL pub repository: String, - /// revision is the commit hash for the specified revision. #[serde(default, skip_serializing_if = "Option::is_none")] pub revision: Option, } -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub endpoints: String, - /// path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesHostPath { - /// path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath pub path: String, - /// type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } -/// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesIscsi { - /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthDiscovery")] pub chap_auth_discovery: Option, - /// chapAuthSession defines whether support iSCSI Session CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] pub initiator_name: Option, - /// iqn is the target iSCSI Qualified Name. pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] pub iscsi_interface: Option, - /// lun represents iSCSI Target Lun number. pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). #[serde(default, skip_serializing_if = "Option::is_none")] pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). #[serde(rename = "targetPortal")] pub target_portal: String, } -/// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesIscsiSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesNfs { - /// path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub server: String, } -/// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(rename = "claimName")] pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. Default false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// pdID is the ID that identifies Photon Controller persistent disk #[serde(rename = "pdID")] pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesPortworxVolume { - /// fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeID uniquely identifies a Portworx volume #[serde(rename = "volumeID")] pub volume_id: String, } -/// projected items for all in one resources secrets, configmaps, and downward API #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// sources is the list of volume projections #[serde(default, skip_serializing_if = "Option::is_none")] pub sources: Option>, } -/// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesProjectedSources { - /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. - /// Alpha, gated by the ClusterTrustBundleProjection feature gate. - /// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. - /// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] pub cluster_trust_bundle: Option, - /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// downwardAPI information about the downwardAPI data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, - /// secret information about the secret data to project #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, - /// serviceAccountToken is information about the serviceAccountToken data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountToken")] pub service_account_token: Option, } -/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. -/// Alpha, gated by the ClusterTrustBundleProjection feature gate. -/// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. -/// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesProjectedSourcesClusterTrustBundle { - /// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles. #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, - /// Relative path from the volume root to write the bundle. pub path: String, - /// Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] pub signer_name: Option, } -/// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesProjectedSourcesClusterTrustBundleLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// optional specify whether the ConfigMap or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesProjectedSourcesConfigMapItems { - /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. pub path: String, } -/// downwardAPI information about the downwardAPI data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesProjectedSourcesDownwardApi { - /// Items is a list of DownwardAPIVolume file #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, } -/// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesProjectedSourcesDownwardApiItemsFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { - /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, - /// Required: resource to select pub resource: String, } -/// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// optional field specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesProjectedSourcesSecretItems { - /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. pub path: String, } -/// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesQuobyte { - /// group to map volume access to Default is no group #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes pub registry: String, - /// tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin #[serde(default, skip_serializing_if = "Option::is_none")] pub tenant: Option, - /// user to map volume access to Defaults to serivceaccount user #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, - /// volume is a string that references an already created Quobyte volume by name. pub volume: String, } -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub image: String, - /// keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub keyring: Option, - /// monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub monitors: Vec, - /// pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesRbdSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesScaleIo { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// gateway is the host address of the ScaleIO API Gateway. pub gateway: String, - /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. #[serde(rename = "secretRef")] pub secret_ref: JobTemplateTasksTemplateSpecVolumesScaleIoSecretRef, - /// sslEnabled Flag enable/disable SSL communication with Gateway, default false #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] pub storage_mode: Option, - /// storagePool is the ScaleIO Storage Pool associated with the protection domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePool")] pub storage_pool: Option, - /// system is the name of the storage system as configured in ScaleIO. pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } -/// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesScaleIoSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// optional field specify whether the Secret or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } -/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesSecretItems { - /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. pub path: String, } -/// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesStorageos { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] pub volume_namespace: Option, } -/// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesStorageosSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecVolumesVsphereVolume { - /// fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyID")] pub storage_policy_id: Option, - /// storagePolicyName is the storage Policy Based Management (SPBM) profile name. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyName")] pub storage_policy_name: Option, - /// volumePath is the path that identifies vSphere volume vmdk #[serde(rename = "volumePath")] pub volume_path: String, } -/// VolumeSpec defines the specification of Volume, e.g. PVC. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateVolumes { - /// Path within the container at which the volume should be mounted. Must not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// VolumeClaim defines the PVC used by the VolumeMount. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaim")] pub volume_claim: Option, - /// defined the PVC name #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimName")] pub volume_claim_name: Option, } -/// VolumeClaim defines the PVC used by the VolumeMount. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateVolumesVolumeClaim { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, - /// volumeName is the binding reference to the PersistentVolume backing this claim. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateVolumesVolumeClaimDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, - /// Kind is the type of resource being referenced pub kind: String, - /// Name is the name of resource being referenced pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateVolumesVolumeClaimDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, - /// Kind is the type of resource being referenced pub kind: String, - /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateVolumesVolumeClaimResources { - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } -/// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateVolumesVolumeClaimSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateVolumesVolumeClaimSelectorMatchExpressions { - /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// JobTemplateStatus defines the observed state of JobTemplate #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateStatus { - /// Describes the Jobs generated from the JobTemplate #[serde(default, skip_serializing_if = "Option::is_none", rename = "jobDependsOnList")] pub job_depends_on_list: Option>, } diff --git a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta1/flowcollectors.rs b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta1/flowcollectors.rs index e896d9a60..2c4fecc9e 100644 --- a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta1/flowcollectors.rs +++ b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta1/flowcollectors.rs @@ -1304,6 +1304,9 @@ pub struct FlowCollectorProcessor { /// `resources` are the compute resources required by this container. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// `subnetLabels` allows to define custom labels on subnets and IPs or to enable automatic labelling of recognized subnets in OpenShift. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "subnetLabels")] + pub subnet_labels: Option, } /// `debug` allows setting some aspects of the internal configuration of the flow processor. This section is aimed exclusively for debugging and fine-grained performance optimizations, such as `GOGC` and `GOMAXPROCS` env vars. Set these values at your own risk. @@ -1700,6 +1703,28 @@ pub struct FlowCollectorProcessorResourcesClaims { pub name: String, } +/// `subnetLabels` allows to define custom labels on subnets and IPs or to enable automatic labelling of recognized subnets in OpenShift. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct FlowCollectorProcessorSubnetLabels { + /// `customLabels` allows to customize subnets and IPs labelling, such as to identify cluster-external workloads or web services. If you enable `openShiftAutoDetect`, `customLabels` can override the detected subnets in case they overlap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customLabels")] + pub custom_labels: Option>, + /// `openShiftAutoDetect` allows, when set to `true`, to detect automatically the machines, pods and services subnets based on the OpenShift install configuration and the Cluster Network Operator configuration. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "openShiftAutoDetect")] + pub open_shift_auto_detect: Option, +} + +/// SubnetLabel allows to label subnets and IPs, such as to identify cluster-external workloads or web services. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct FlowCollectorProcessorSubnetLabelsCustomLabels { + /// List of CIDRs, such as `["1.2.3.4/32"]`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cidrs: Option>, + /// Label name, used to flag matching flows. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// `FlowCollectorStatus` defines the observed state of FlowCollector #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct FlowCollectorStatus { diff --git a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs index 5dfa482ba..25f1aa94f 100644 --- a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs +++ b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs @@ -1707,7 +1707,7 @@ pub struct FlowCollectorLokiLokiStack { /// Name of an existing LokiStack resource to use. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace where this `LokiStack` resource is located. If omited, it is assumed to be the same as `spec.namespace`. + /// Namespace where this `LokiStack` resource is located. If omitted, it is assumed to be the same as `spec.namespace`. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2128,6 +2128,9 @@ pub struct FlowCollectorProcessor { /// `resources` are the compute resources required by this container. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// `SubnetLabels` allows to define custom labels on subnets and IPs or to enable automatic labelling of recognized subnets in OpenShift. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "subnetLabels")] + pub subnet_labels: Option, } /// `advanced` allows setting some aspects of the internal configuration of the flow processor. This section is aimed mostly for debugging and fine-grained performance optimizations, such as `GOGC` and `GOMAXPROCS` env vars. Set these values at your own risk. @@ -2846,6 +2849,28 @@ pub struct FlowCollectorProcessorResourcesClaims { pub name: String, } +/// `SubnetLabels` allows to define custom labels on subnets and IPs or to enable automatic labelling of recognized subnets in OpenShift. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct FlowCollectorProcessorSubnetLabels { + /// `customLabels` allows to customize subnets and IPs labelling, such as to identify cluster-external workloads or web services. If you enable `openShiftAutoDetect`, `customLabels` can override the detected subnets in case they overlap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customLabels")] + pub custom_labels: Option>, + /// `openShiftAutoDetect` allows, when set to `true`, to detect automatically the machines, pods and services subnets based on the OpenShift install configuration and the Cluster Network Operator configuration. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "openShiftAutoDetect")] + pub open_shift_auto_detect: Option, +} + +/// SubnetLabel allows to label subnets and IPs, such as to identify cluster-external workloads or web services. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct FlowCollectorProcessorSubnetLabelsCustomLabels { + /// List of CIDRs, such as `["1.2.3.4/32"]`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cidrs: Option>, + /// Label name, used to flag matching flows. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// `FlowCollectorStatus` defines the observed state of FlowCollector #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct FlowCollectorStatus { diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/httproutes.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/httproutes.rs index cccc88cc1..287700cd3 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/httproutes.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/httproutes.rs @@ -272,9 +272,6 @@ pub struct HTTPRouteParentRefs { /// /// /// Support: Extended - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// SectionName is the name of a section within the target resource. In the @@ -2538,9 +2535,6 @@ pub struct HTTPRouteStatusParentsParentRef { /// /// /// Support: Extended - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// SectionName is the name of a section within the target resource. In the diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/grpcroutes.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/grpcroutes.rs index 81e668435..9acac3e28 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/grpcroutes.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/grpcroutes.rs @@ -268,9 +268,6 @@ pub struct GRPCRouteParentRefs { /// /// /// Support: Extended - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// SectionName is the name of a section within the target resource. In the @@ -1730,9 +1727,6 @@ pub struct GRPCRouteStatusParentsParentRef { /// /// /// Support: Extended - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// SectionName is the name of a section within the target resource. In the diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/tcproutes.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/tcproutes.rs index 95846ef4f..ebe2a864c 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/tcproutes.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/tcproutes.rs @@ -205,9 +205,6 @@ pub struct TCPRouteParentRefs { /// /// /// Support: Extended - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// SectionName is the name of a section within the target resource. In the @@ -542,9 +539,6 @@ pub struct TCPRouteStatusParentsParentRef { /// /// /// Support: Extended - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// SectionName is the name of a section within the target resource. In the diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/tlsroutes.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/tlsroutes.rs index fbec3664c..9a9d17217 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/tlsroutes.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/tlsroutes.rs @@ -246,9 +246,6 @@ pub struct TLSRouteParentRefs { /// /// /// Support: Extended - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// SectionName is the name of a section within the target resource. In the @@ -586,9 +583,6 @@ pub struct TLSRouteStatusParentsParentRef { /// /// /// Support: Extended - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// SectionName is the name of a section within the target resource. In the diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/udproutes.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/udproutes.rs index 9fcec18b8..ddd9d5398 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/udproutes.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/udproutes.rs @@ -205,9 +205,6 @@ pub struct UDPRouteParentRefs { /// /// /// Support: Extended - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// SectionName is the name of a section within the target resource. In the @@ -542,9 +539,6 @@ pub struct UDPRouteStatusParentsParentRef { /// /// /// Support: Extended - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// SectionName is the name of a section within the target resource. In the diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/httproutes.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/httproutes.rs index a6658a24d..77d91ab72 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/httproutes.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/httproutes.rs @@ -272,9 +272,6 @@ pub struct HTTPRouteParentRefs { /// /// /// Support: Extended - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// SectionName is the name of a section within the target resource. In the @@ -2538,9 +2535,6 @@ pub struct HTTPRouteStatusParentsParentRef { /// /// /// Support: Extended - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// SectionName is the name of a section within the target resource. In the diff --git a/kube-custom-resources-rs/src/hazelcast_com/v1alpha1/hazelcasts.rs b/kube-custom-resources-rs/src/hazelcast_com/v1alpha1/hazelcasts.rs index 9f9f15f9b..aec56e51f 100644 --- a/kube-custom-resources-rs/src/hazelcast_com/v1alpha1/hazelcasts.rs +++ b/kube-custom-resources-rs/src/hazelcast_com/v1alpha1/hazelcasts.rs @@ -209,10 +209,10 @@ pub struct HazelcastCpSubsystem { /// PVC is the configuration of PersistenceVolumeClaim. #[serde(default, skip_serializing_if = "Option::is_none")] pub pvc: Option, - /// SessionHeartbeatIntervalSeconds Interval in seconds for the periodically committed CP session heartbeats. Must be greater than or equal to SessionTTLSeconds. + /// SessionHeartbeatIntervalSeconds Interval in seconds for the periodically committed CP session heartbeats. Must be smaller than SessionTTLSeconds. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionHeartbeatIntervalSeconds")] pub session_heartbeat_interval_seconds: Option, - /// SessionTTLSeconds is the duration for a CP session to be kept alive after the last received heartbeat. Must be greater than or equal to SessionTTLSeconds. + /// SessionTTLSeconds is the duration for a CP session to be kept alive after the last received heartbeat. Must be greater than or equal to SessionHeartbeatIntervalSeconds and smaller than or equal to MissingCpMemberAutoRemovalSeconds. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionTTLSeconds")] pub session_ttl_seconds: Option, } diff --git a/kube-custom-resources-rs/src/hazelcast_com/v1alpha1/wanreplications.rs b/kube-custom-resources-rs/src/hazelcast_com/v1alpha1/wanreplications.rs index a29592340..daa4eecc0 100644 --- a/kube-custom-resources-rs/src/hazelcast_com/v1alpha1/wanreplications.rs +++ b/kube-custom-resources-rs/src/hazelcast_com/v1alpha1/wanreplications.rs @@ -26,6 +26,9 @@ pub struct WanReplicationSpec { pub queue: Option, /// Resources is the list of custom resources to which WAN replication applies. pub resources: Vec, + /// SyncConsistencyCheckStrategy is the strategy for checking the consistency of data between replicas. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "syncConsistencyCheckStrategy")] + pub sync_consistency_check_strategy: Option, /// ClusterName is the clusterName field of the target Hazelcast resource. #[serde(rename = "targetClusterName")] pub target_cluster_name: String, diff --git a/kube-custom-resources-rs/src/helm_toolkit_fluxcd_io/v2beta2/helmreleases.rs b/kube-custom-resources-rs/src/helm_toolkit_fluxcd_io/v2beta2/helmreleases.rs index b419d84fe..a80ab23ee 100644 --- a/kube-custom-resources-rs/src/helm_toolkit_fluxcd_io/v2beta2/helmreleases.rs +++ b/kube-custom-resources-rs/src/helm_toolkit_fluxcd_io/v2beta2/helmreleases.rs @@ -238,6 +238,8 @@ pub struct HelmReleaseChartSpecVerify { pub enum HelmReleaseChartSpecVerifyProvider { #[serde(rename = "cosign")] Cosign, + #[serde(rename = "notation")] + Notation, } /// SecretRef specifies the Kubernetes Secret containing the diff --git a/kube-custom-resources-rs/src/jobset_x_k8s_io/v1alpha2/jobsets.rs b/kube-custom-resources-rs/src/jobset_x_k8s_io/v1alpha2/jobsets.rs index 1a09f0dc8..a24410027 100644 --- a/kube-custom-resources-rs/src/jobset_x_k8s_io/v1alpha2/jobsets.rs +++ b/kube-custom-resources-rs/src/jobset_x_k8s_io/v1alpha2/jobsets.rs @@ -21,6 +21,9 @@ pub struct JobSetSpec { /// finished with status failed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failurePolicy")] pub failure_policy: Option, + /// ManagedBy is used to indicate the controller or entity that manages a JobSet + #[serde(default, skip_serializing_if = "Option::is_none", rename = "managedBy")] + pub managed_by: Option, /// Network defines the networking options for the jobset. #[serde(default, skip_serializing_if = "Option::is_none")] pub network: Option, diff --git a/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodeclaims.rs b/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodeclaims.rs index 994416bc0..0e722e58f 100644 --- a/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodeclaims.rs +++ b/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodeclaims.rs @@ -78,7 +78,7 @@ pub struct NodeClaimKubelet { pub image_gc_low_threshold_percent: Option, /// KubeReserved contains resources reserved for Kubernetes system components. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeReserved")] - pub kube_reserved: Option>, + pub kube_reserved: Option>, /// MaxPods is an override for the maximum number of pods that can run on /// a worker node instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxPods")] @@ -90,7 +90,7 @@ pub struct NodeClaimKubelet { pub pods_per_core: Option, /// SystemReserved contains resources reserved for OS system daemons and kernel memory. #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemReserved")] - pub system_reserved: Option>, + pub system_reserved: Option>, } /// NodeClassRef is a reference to an object that defines provider specific configuration diff --git a/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodepools.rs b/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodepools.rs index f716f5e17..3bbac570c 100644 --- a/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodepools.rs +++ b/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodepools.rs @@ -187,7 +187,7 @@ pub struct NodePoolTemplateSpecKubelet { pub image_gc_low_threshold_percent: Option, /// KubeReserved contains resources reserved for Kubernetes system components. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeReserved")] - pub kube_reserved: Option>, + pub kube_reserved: Option>, /// MaxPods is an override for the maximum number of pods that can run on /// a worker node instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxPods")] @@ -199,7 +199,7 @@ pub struct NodePoolTemplateSpecKubelet { pub pods_per_core: Option, /// SystemReserved contains resources reserved for OS system daemons and kernel memory. #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemReserved")] - pub system_reserved: Option>, + pub system_reserved: Option>, } /// NodeClassRef is a reference to an object that defines provider specific configuration diff --git a/kube-custom-resources-rs/src/kuadrant_io/v1alpha1/dnsrecords.rs b/kube-custom-resources-rs/src/kuadrant_io/v1alpha1/dnsrecords.rs index 40829bf07..ea2cf8870 100644 --- a/kube-custom-resources-rs/src/kuadrant_io/v1alpha1/dnsrecords.rs +++ b/kube-custom-resources-rs/src/kuadrant_io/v1alpha1/dnsrecords.rs @@ -16,6 +16,9 @@ use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; pub struct DNSRecordSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub endpoints: Option>, + /// HealthCheckSpec configures health checks in the DNS provider. By default this health check will be applied to each unique DNS A Record for the listeners assigned to the target gateway + #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthCheck")] + pub health_check: Option, /// ManagedZoneReference holds a reference to a ManagedZone #[serde(default, skip_serializing_if = "Option::is_none", rename = "managedZone")] pub managed_zone: Option, @@ -62,6 +65,19 @@ pub struct DNSRecordEndpointsProviderSpecific { pub value: Option, } +/// HealthCheckSpec configures health checks in the DNS provider. By default this health check will be applied to each unique DNS A Record for the listeners assigned to the target gateway +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DNSRecordHealthCheck { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub endpoint: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] + pub failure_threshold: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub protocol: Option, +} + /// ManagedZoneReference holds a reference to a ManagedZone #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DNSRecordManagedZone { @@ -81,6 +97,8 @@ pub struct DNSRecordStatus { /// Note: This will not be required if/when we switch to using external-dns since when running with a "sync" policy it will clean up unused records automatically. #[serde(default, skip_serializing_if = "Option::is_none")] pub endpoints: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthCheck")] + pub health_check: Option, /// observedGeneration is the most recently observed generation of the DNSRecord. When the DNSRecord is updated, the controller updates the corresponding record in each managed zone. If an update for a particular zone fails, that failure is recorded in the status condition for the zone so that the controller can determine that it needs to retry the update for that specific zone. #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] pub observed_generation: Option, @@ -121,3 +139,9 @@ pub struct DNSRecordStatusEndpointsProviderSpecific { pub value: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DNSRecordStatusHealthCheck { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, +} + diff --git a/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/clusterqueues.rs b/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/clusterqueues.rs index 06b4ff01c..9134001a0 100644 --- a/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/clusterqueues.rs +++ b/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/clusterqueues.rs @@ -69,7 +69,7 @@ pub struct ClusterQueueSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub preemption: Option, /// QueueingStrategy indicates the queueing strategy of the workloads - /// across the queues in this ClusterQueue. This field is immutable. + /// across the queues in this ClusterQueue. /// Current Supported Strategies: /// /// diff --git a/kube-custom-resources-rs/src/lib.rs b/kube-custom-resources-rs/src/lib.rs index 3f59afc9f..322b5946c 100644 --- a/kube-custom-resources-rs/src/lib.rs +++ b/kube-custom-resources-rs/src/lib.rs @@ -281,6 +281,9 @@ apiVersion `apps.kubeblocks.io/v1alpha1`: - `OpsRequest` - `ServiceDescriptor` +apiVersion `apps.kubeblocks.io/v1beta1`: +- `ConfigConstraint` + ## apps_kubedl_io apiVersion `apps.kubedl.io/v1alpha1`: @@ -2905,6 +2908,9 @@ apiVersion `submariner.io/v1alpha1`: ## telemetry_istio_io +apiVersion `telemetry.istio.io/v1`: +- `Telemetry` + apiVersion `telemetry.istio.io/v1alpha1`: - `Telemetry` diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/clusteroutputs.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/clusteroutputs.rs index 2ba872983..8c1783646 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/clusteroutputs.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/clusteroutputs.rs @@ -97,6 +97,8 @@ pub struct ClusterOutputAwsElasticsearch { #[serde(default, skip_serializing_if = "Option::is_none")] pub client_key_pass: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub compression_level: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub content_type: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub custom_headers: Option, @@ -1601,6 +1603,8 @@ pub struct ClusterOutputElasticsearch { #[serde(default, skip_serializing_if = "Option::is_none")] pub client_key_pass: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub compression_level: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub content_type: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub custom_headers: Option, diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/outputs.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/outputs.rs index 3016dda49..f598ae2c9 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/outputs.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/outputs.rs @@ -87,6 +87,8 @@ pub struct OutputAwsElasticsearch { #[serde(default, skip_serializing_if = "Option::is_none")] pub client_key_pass: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub compression_level: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub content_type: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub custom_headers: Option, @@ -1591,6 +1593,8 @@ pub struct OutputElasticsearch { #[serde(default, skip_serializing_if = "Option::is_none")] pub client_key_pass: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub compression_level: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub content_type: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub custom_headers: Option, diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/clusteroutputs.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/clusteroutputs.rs index 7c1332547..3697e20bb 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/clusteroutputs.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/clusteroutputs.rs @@ -97,6 +97,8 @@ pub struct ClusterOutputAwsElasticsearch { #[serde(default, skip_serializing_if = "Option::is_none")] pub client_key_pass: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub compression_level: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub content_type: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub custom_headers: Option, @@ -1601,6 +1603,8 @@ pub struct ClusterOutputElasticsearch { #[serde(default, skip_serializing_if = "Option::is_none")] pub client_key_pass: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub compression_level: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub content_type: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub custom_headers: Option, diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/outputs.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/outputs.rs index 69a54d833..086e97a1f 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/outputs.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/outputs.rs @@ -95,6 +95,8 @@ pub struct OutputAwsElasticsearch { #[serde(default, skip_serializing_if = "Option::is_none")] pub client_key_pass: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub compression_level: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub content_type: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub custom_headers: Option, @@ -1599,6 +1601,8 @@ pub struct OutputElasticsearch { #[serde(default, skip_serializing_if = "Option::is_none")] pub client_key_pass: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub compression_level: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub content_type: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub custom_headers: Option, diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backingimagemanagers.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backingimagemanagers.rs index 7d95c9b90..33a2b2eca 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backingimagemanagers.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backingimagemanagers.rs @@ -64,5 +64,7 @@ pub struct BackingImageManagerStatusBackingImageFileMap { pub state: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub uuid: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "virtualSize")] + pub virtual_size: Option, } diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backingimages.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backingimages.rs index 2a6f08888..0b4124410 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backingimages.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backingimages.rs @@ -51,6 +51,9 @@ pub struct BackingImageStatus { pub size: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub uuid: Option, + /// Virtual size of image, which may be larger than physical size. Will be zero until known (e.g. while a backing image is uploading) + #[serde(default, skip_serializing_if = "Option::is_none", rename = "virtualSize")] + pub virtual_size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/scrapeconfigs.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/scrapeconfigs.rs index 0eee83c29..7440e0430 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/scrapeconfigs.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/scrapeconfigs.rs @@ -30,6 +30,9 @@ pub struct ScrapeConfigSpec { /// DNSSDConfigs defines a list of DNS service discovery configurations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dnsSDConfigs")] pub dns_sd_configs: Option>, + /// DockerSDConfigs defines a list of Docker service discovery configurations. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dockerSDConfigs")] + pub docker_sd_configs: Option>, /// EC2SDConfigs defines a list of EC2 service discovery configurations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ec2SDConfigs")] pub ec2_sd_configs: Option>, @@ -38,12 +41,18 @@ pub struct ScrapeConfigSpec { /// If unset, Prometheus uses true by default. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableCompression")] pub enable_compression: Option, + /// EurekaSDConfigs defines a list of Eureka service discovery configurations. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "eurekaSDConfigs")] + pub eureka_sd_configs: Option>, /// FileSDConfigs defines a list of file service discovery configurations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fileSDConfigs")] pub file_sd_configs: Option>, /// GCESDConfigs defines a list of GCE service discovery configurations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gceSDConfigs")] pub gce_sd_configs: Option>, + /// HetznerSDConfigs defines a list of Hetzner service discovery configurations. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hetznerSDConfigs")] + pub hetzner_sd_configs: Option>, /// HonorLabels chooses the metric's labels on collisions with target labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "honorLabels")] pub honor_labels: Option, @@ -60,6 +69,9 @@ pub struct ScrapeConfigSpec { /// KubernetesSDConfigs defines a list of Kubernetes service discovery configurations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubernetesSDConfigs")] pub kubernetes_sd_configs: Option>, + /// KumaSDConfigs defines a list of Kuma service discovery configurations. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kumaSDConfigs")] + pub kuma_sd_configs: Option>, /// Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelLimit")] pub label_limit: Option, @@ -891,35 +903,1187 @@ pub enum ScrapeConfigDnsSdConfigsType { Ns, } +/// Docker SD configurations allow retrieving scrape targets from Docker Engine hosts. This SD discovers "containers" and will create a target for each network IP and port the container is configured to expose. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#docker_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigs { + /// Authorization header configuration to authenticate against the Docker API. Cannot be set at the same time as `oauth2`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub authorization: Option, + /// BasicAuth information to use on every scrape request. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] + pub basic_auth: Option, + /// Whether to enable HTTP2. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] + pub enable_http2: Option, + /// Optional filters to limit the discovery process to a subset of the available resources. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub filters: Option>, + /// Configure whether HTTP requests follow HTTP 3xx redirects. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")] + pub follow_redirects: Option, + /// Address of the docker daemon + pub host: String, + /// The host to use if the container is in host networking mode. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostNetworkingHost")] + pub host_networking_host: Option, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// Optional OAuth 2.0 configuration. Cannot be set at the same time as `authorization`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauth2: Option, + /// The port to scrape metrics from. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, + /// ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). If unset, Prometheus uses its default value. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, + /// Time after which the container is refreshed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] + pub refresh_interval: Option, + /// TLS configuration applying to the target HTTP endpoint. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, +} + +/// Authorization header configuration to authenticate against the Docker API. Cannot be set at the same time as `oauth2`. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsAuthorization { + /// Selects a key of a Secret in the namespace that contains the credentials for authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Defines the authentication type. The value is case-insensitive. + /// "Basic" is not a supported value. + /// Default: "Bearer" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// Selects a key of a Secret in the namespace that contains the credentials for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsAuthorizationCredentials { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// BasicAuth information to use on every scrape request. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsBasicAuth { + /// `password` specifies a key of a Secret containing the password for authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub password: Option, + /// `username` specifies a key of a Secret containing the username for authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub username: Option, +} + +/// `password` specifies a key of a Secret containing the password for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsBasicAuthPassword { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// `username` specifies a key of a Secret containing the username for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsBasicAuthUsername { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// DockerFilter is the configuration to limit the discovery process to a subset of available resources. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsFilters { + pub name: String, + pub values: Vec, +} + +/// Optional OAuth 2.0 configuration. Cannot be set at the same time as `authorization`. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsOauth2 { + /// `clientId` specifies a key of a Secret or ConfigMap containing the OAuth2 client's ID. + #[serde(rename = "clientId")] + pub client_id: ScrapeConfigDockerSdConfigsOauth2ClientId, + /// `clientSecret` specifies a key of a Secret containing the OAuth2 client's secret. + #[serde(rename = "clientSecret")] + pub client_secret: ScrapeConfigDockerSdConfigsOauth2ClientSecret, + /// `endpointParams` configures the HTTP parameters to append to the token URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] + pub endpoint_params: Option>, + /// `scopes` defines the OAuth2 scopes used for the token request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// `tokenURL` configures the URL to fetch the token from. + #[serde(rename = "tokenUrl")] + pub token_url: String, +} + +/// `clientId` specifies a key of a Secret or ConfigMap containing the OAuth2 client's ID. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsOauth2ClientId { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsOauth2ClientIdConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsOauth2ClientIdSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// `clientSecret` specifies a key of a Secret containing the OAuth2 client's secret. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsOauth2ClientSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration applying to the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + /// EC2SDConfig allow retrieving scrape targets from AWS EC2 instances. The private IP address is used by default, but may be changed to the public IP address with relabeling. The IAM credentials used must have the ec2:DescribeInstances permission to discover scrape targets See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ec2_sd_config #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigEc2SdConfigs { - /// AccessKey is the AWS API key. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessKey")] - pub access_key: Option, - /// Filters can be used optionally to filter the instance list by other criteria. Available filter criteria can be found here: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html +pub struct ScrapeConfigEc2SdConfigs { + /// AccessKey is the AWS API key. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessKey")] + pub access_key: Option, + /// Filters can be used optionally to filter the instance list by other criteria. Available filter criteria can be found here: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html + #[serde(default, skip_serializing_if = "Option::is_none")] + pub filters: Option>, + /// The port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, + /// RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] + pub refresh_interval: Option, + /// The AWS region + #[serde(default, skip_serializing_if = "Option::is_none")] + pub region: Option, + /// AWS Role ARN, an alternative to using AWS API keys. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleARN")] + pub role_arn: Option, + /// SecretKey is the AWS API secret. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKey")] + pub secret_key: Option, +} + +/// AccessKey is the AWS API key. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEc2SdConfigsAccessKey { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// EC2Filter is the configuration for filtering EC2 instances. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEc2SdConfigsFilters { + pub name: String, + pub values: Vec, +} + +/// SecretKey is the AWS API secret. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEc2SdConfigsSecretKey { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Eureka SD configurations allow retrieving scrape targets using the Eureka REST API. Prometheus will periodically check the REST endpoint and create a target for every app instance. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#eureka_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigs { + /// Authorization header to use on every scrape request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub authorization: Option, + /// BasicAuth information to use on every scrape request. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] + pub basic_auth: Option, + /// Whether to enable HTTP2. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] + pub enable_http2: Option, + /// Configure whether HTTP requests follow HTTP 3xx redirects. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")] + pub follow_redirects: Option, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// Optional OAuth 2.0 configuration. Cannot be set at the same time as `authorization` or `basic_auth`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauth2: Option, + /// ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). If unset, Prometheus uses its default value. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, + /// Refresh interval to re-read the instance list. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] + pub refresh_interval: Option, + /// The URL to connect to the Eureka server. + pub server: String, + /// TLS configuration applying to the target HTTP endpoint. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, +} + +/// Authorization header to use on every scrape request. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsAuthorization { + /// Selects a key of a Secret in the namespace that contains the credentials for authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Defines the authentication type. The value is case-insensitive. + /// "Basic" is not a supported value. + /// Default: "Bearer" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// Selects a key of a Secret in the namespace that contains the credentials for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsAuthorizationCredentials { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// BasicAuth information to use on every scrape request. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsBasicAuth { + /// `password` specifies a key of a Secret containing the password for authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub password: Option, + /// `username` specifies a key of a Secret containing the username for authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub username: Option, +} + +/// `password` specifies a key of a Secret containing the password for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsBasicAuthPassword { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// `username` specifies a key of a Secret containing the username for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsBasicAuthUsername { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Optional OAuth 2.0 configuration. Cannot be set at the same time as `authorization` or `basic_auth`. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2 { + /// `clientId` specifies a key of a Secret or ConfigMap containing the OAuth2 client's ID. + #[serde(rename = "clientId")] + pub client_id: ScrapeConfigEurekaSdConfigsOauth2ClientId, + /// `clientSecret` specifies a key of a Secret containing the OAuth2 client's secret. + #[serde(rename = "clientSecret")] + pub client_secret: ScrapeConfigEurekaSdConfigsOauth2ClientSecret, + /// `endpointParams` configures the HTTP parameters to append to the token URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] + pub endpoint_params: Option>, + /// `scopes` defines the OAuth2 scopes used for the token request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// `tokenURL` configures the URL to fetch the token from. + #[serde(rename = "tokenUrl")] + pub token_url: String, +} + +/// `clientId` specifies a key of a Secret or ConfigMap containing the OAuth2 client's ID. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2ClientId { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2ClientIdConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2ClientIdSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// `clientSecret` specifies a key of a Secret containing the OAuth2 client's secret. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2ClientSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration applying to the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// FileSDConfig defines a Prometheus file service discovery configuration See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#file_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigFileSdConfigs { + /// List of files to be used for file discovery. Recommendation: use absolute paths. While relative paths work, the prometheus-operator project makes no guarantees about the working directory where the configuration file is stored. Files must be mounted using Prometheus.ConfigMaps or Prometheus.Secrets. + pub files: Vec, + /// RefreshInterval configures the refresh interval at which Prometheus will reload the content of the files. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] + pub refresh_interval: Option, +} + +/// GCESDConfig configures scrape targets from GCP GCE instances. The private IP address is used by default, but may be changed to the public IP address with relabeling. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#gce_sd_config +/// The GCE service discovery will load the Google Cloud credentials from the file specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable. See https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform +/// A pre-requisite for using GCESDConfig is that a Secret containing valid Google Cloud credentials is mounted into the Prometheus or PrometheusAgent pod via the `.spec.secrets` field and that the GOOGLE_APPLICATION_CREDENTIALS environment variable is set to /etc/prometheus/secrets//. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigGceSdConfigs { + /// Filter can be used optionally to filter the instance list by other criteria Syntax of this filter is described in the filter query parameter section: https://cloud.google.com/compute/docs/reference/latest/instances/list + #[serde(default, skip_serializing_if = "Option::is_none")] + pub filter: Option, + /// The port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, + /// The Google Cloud Project ID + pub project: String, + /// RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] + pub refresh_interval: Option, + /// The tag separator is used to separate the tags on concatenation + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tagSeparator")] + pub tag_separator: Option, + /// The zone of the scrape targets. If you need multiple zones use multiple GCESDConfigs. + pub zone: String, +} + +/// HetznerSDConfig allow retrieving scrape targets from Hetzner Cloud API and Robot API. This service discovery uses the public IPv4 address by default, but that can be changed with relabeling See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#hetzner_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigs { + /// Authorization header configuration, required when role is hcloud. Role robot does not support bearer token authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub authorization: Option, + /// BasicAuth information to use on every scrape request, required when role is robot. Role hcloud does not support basic auth. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] + pub basic_auth: Option, + /// Whether to enable HTTP2. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] + pub enable_http2: Option, + /// Configure whether HTTP requests follow HTTP 3xx redirects. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")] + pub follow_redirects: Option, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// Optional OAuth 2.0 configuration. Cannot be used at the same time as `basic_auth` or `authorization`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauth2: Option, + /// The port to scrape metrics from. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, + /// ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). If unset, Prometheus uses its default value. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, + /// The time after which the servers are refreshed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] + pub refresh_interval: Option, + /// The Hetzner role of entities that should be discovered. + pub role: ScrapeConfigHetznerSdConfigsRole, + /// TLS configuration to use on every scrape request. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, +} + +/// Authorization header configuration, required when role is hcloud. Role robot does not support bearer token authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsAuthorization { + /// Selects a key of a Secret in the namespace that contains the credentials for authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Defines the authentication type. The value is case-insensitive. + /// "Basic" is not a supported value. + /// Default: "Bearer" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// Selects a key of a Secret in the namespace that contains the credentials for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsAuthorizationCredentials { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// BasicAuth information to use on every scrape request, required when role is robot. Role hcloud does not support basic auth. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsBasicAuth { + /// `password` specifies a key of a Secret containing the password for authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub password: Option, + /// `username` specifies a key of a Secret containing the username for authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub username: Option, +} + +/// `password` specifies a key of a Secret containing the password for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsBasicAuthPassword { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// `username` specifies a key of a Secret containing the username for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsBasicAuthUsername { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Optional OAuth 2.0 configuration. Cannot be used at the same time as `basic_auth` or `authorization`. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsOauth2 { + /// `clientId` specifies a key of a Secret or ConfigMap containing the OAuth2 client's ID. + #[serde(rename = "clientId")] + pub client_id: ScrapeConfigHetznerSdConfigsOauth2ClientId, + /// `clientSecret` specifies a key of a Secret containing the OAuth2 client's secret. + #[serde(rename = "clientSecret")] + pub client_secret: ScrapeConfigHetznerSdConfigsOauth2ClientSecret, + /// `endpointParams` configures the HTTP parameters to append to the token URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] + pub endpoint_params: Option>, + /// `scopes` defines the OAuth2 scopes used for the token request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// `tokenURL` configures the URL to fetch the token from. + #[serde(rename = "tokenUrl")] + pub token_url: String, +} + +/// `clientId` specifies a key of a Secret or ConfigMap containing the OAuth2 client's ID. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsOauth2ClientId { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsOauth2ClientIdConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsOauth2ClientIdSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// `clientSecret` specifies a key of a Secret containing the OAuth2 client's secret. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsOauth2ClientSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// HetznerSDConfig allow retrieving scrape targets from Hetzner Cloud API and Robot API. This service discovery uses the public IPv4 address by default, but that can be changed with relabeling See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#hetzner_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigHetznerSdConfigsRole { + #[serde(rename = "hcloud")] + Hcloud, + #[serde(rename = "Hcloud")] + HcloudX, + #[serde(rename = "robot")] + Robot, + #[serde(rename = "Robot")] + RobotX, +} + +/// TLS configuration to use on every scrape request. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// HTTPSDConfig defines a prometheus HTTP service discovery configuration See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#http_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHttpSdConfigs { + /// Authorization header configuration to authenticate against the target HTTP endpoint. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub authorization: Option, + /// BasicAuth information to authenticate against the target HTTP endpoint. More info: https://prometheus.io/docs/operating/configuration/#endpoints + #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] + pub basic_auth: Option, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). If unset, Prometheus uses its default value. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, + /// RefreshInterval configures the refresh interval at which Prometheus will re-query the endpoint to update the target list. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] + pub refresh_interval: Option, + /// TLS configuration applying to the target HTTP endpoint. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, + /// URL from which the targets are fetched. + pub url: String, +} + +/// Authorization header configuration to authenticate against the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHttpSdConfigsAuthorization { + /// Selects a key of a Secret in the namespace that contains the credentials for authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Defines the authentication type. The value is case-insensitive. + /// "Basic" is not a supported value. + /// Default: "Bearer" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// Selects a key of a Secret in the namespace that contains the credentials for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHttpSdConfigsAuthorizationCredentials { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// BasicAuth information to authenticate against the target HTTP endpoint. More info: https://prometheus.io/docs/operating/configuration/#endpoints +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHttpSdConfigsBasicAuth { + /// `password` specifies a key of a Secret containing the password for authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub password: Option, + /// `username` specifies a key of a Secret containing the username for authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub username: Option, +} + +/// `password` specifies a key of a Secret containing the password for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHttpSdConfigsBasicAuthPassword { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// `username` specifies a key of a Secret containing the username for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHttpSdConfigsBasicAuthUsername { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHttpSdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration applying to the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHttpSdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHttpSdConfigsTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub filters: Option>, - /// The port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigHttpSdConfigsTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, - /// RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] - pub refresh_interval: Option, - /// The AWS region + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] - pub region: Option, - /// AWS Role ARN, an alternative to using AWS API keys. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleARN")] - pub role_arn: Option, - /// SecretKey is the AWS API secret. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKey")] - pub secret_key: Option, + pub optional: Option, } -/// AccessKey is the AWS API key. +/// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigEc2SdConfigsAccessKey { +pub struct ScrapeConfigHttpSdConfigsTlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -930,76 +2094,91 @@ pub struct ScrapeConfigEc2SdConfigsAccessKey { pub optional: Option, } -/// EC2Filter is the configuration for filtering EC2 instances. +/// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigEc2SdConfigsFilters { - pub name: String, - pub values: Vec, +pub struct ScrapeConfigHttpSdConfigsTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, } -/// SecretKey is the AWS API secret. +/// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigEc2SdConfigsSecretKey { - /// The key of the secret to select from. Must be a valid secret key. +pub struct ScrapeConfigHttpSdConfigsTlsConfigCertConfigMap { + /// The key to select. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the Secret or its key must be defined + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// FileSDConfig defines a Prometheus file service discovery configuration See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#file_sd_config +/// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigFileSdConfigs { - /// List of files to be used for file discovery. Recommendation: use absolute paths. While relative paths work, the prometheus-operator project makes no guarantees about the working directory where the configuration file is stored. Files must be mounted using Prometheus.ConfigMaps or Prometheus.Secrets. - pub files: Vec, - /// RefreshInterval configures the refresh interval at which Prometheus will reload the content of the files. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] - pub refresh_interval: Option, +pub struct ScrapeConfigHttpSdConfigsTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, } -/// GCESDConfig configures scrape targets from GCP GCE instances. The private IP address is used by default, but may be changed to the public IP address with relabeling. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#gce_sd_config -/// The GCE service discovery will load the Google Cloud credentials from the file specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable. See https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform -/// A pre-requisite for using GCESDConfig is that a Secret containing valid Google Cloud credentials is mounted into the Prometheus or PrometheusAgent pod via the `.spec.secrets` field and that the GOOGLE_APPLICATION_CREDENTIALS environment variable is set to /etc/prometheus/secrets//. +/// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigGceSdConfigs { - /// Filter can be used optionally to filter the instance list by other criteria Syntax of this filter is described in the filter query parameter section: https://cloud.google.com/compute/docs/reference/latest/instances/list +pub struct ScrapeConfigHttpSdConfigsTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] - pub filter: Option, - /// The port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. + pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, - /// The Google Cloud Project ID - pub project: String, - /// RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] - pub refresh_interval: Option, - /// The tag separator is used to separate the tags on concatenation - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tagSeparator")] - pub tag_separator: Option, - /// The zone of the scrape targets. If you need multiple zones use multiple GCESDConfigs. - pub zone: String, + pub optional: Option, } -/// HTTPSDConfig defines a prometheus HTTP service discovery configuration See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#http_sd_config +/// KubernetesSDConfig allows retrieving scrape targets from Kubernetes' REST API. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigHttpSdConfigs { - /// Authorization header configuration to authenticate against the target HTTP endpoint. +pub struct ScrapeConfigKubernetesSdConfigs { + /// The API server address consisting of a hostname or IP address followed by an optional port number. If left empty, Prometheus is assumed to run inside of the cluster. It will discover API servers automatically and use the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServer")] + pub api_server: Option, + /// Optional metadata to attach to discovered targets. It requires Prometheus >= v2.35.0 for `pod` role and Prometheus >= v2.37.0 for `endpoints` and `endpointslice` roles. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "attachMetadata")] + pub attach_metadata: Option, + /// Authorization header to use on every scrape request. Cannot be set at the same time as `basicAuth`, or `oauth2`. #[serde(default, skip_serializing_if = "Option::is_none")] - pub authorization: Option, - /// BasicAuth information to authenticate against the target HTTP endpoint. More info: https://prometheus.io/docs/operating/configuration/#endpoints + pub authorization: Option, + /// BasicAuth information to use on every scrape request. Cannot be set at the same time as `authorization`, or `oauth2`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] - pub basic_auth: Option, + pub basic_auth: Option, + /// Whether to enable HTTP2. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] + pub enable_http2: Option, + /// Configure whether HTTP requests follow HTTP 3xx redirects. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")] + pub follow_redirects: Option, + /// Optional namespace discovery. If omitted, Prometheus discovers targets across all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option, /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. /// It requires Prometheus >= v2.43.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] pub no_proxy: Option, + /// Optional OAuth 2.0 configuration. Cannot be set at the same time as `authorization`, or `basicAuth`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauth2: Option, /// ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. /// It requires Prometheus >= v2.43.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, + pub proxy_connect_header: Option>, /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). If unset, Prometheus uses its default value. /// It requires Prometheus >= v2.43.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] @@ -1008,22 +2187,30 @@ pub struct ScrapeConfigHttpSdConfigs { /// It requires Prometheus >= v2.43.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] pub proxy_url: Option, - /// RefreshInterval configures the refresh interval at which Prometheus will re-query the endpoint to update the target list. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] - pub refresh_interval: Option, - /// TLS configuration applying to the target HTTP endpoint. + /// Role of the Kubernetes entities that should be discovered. + pub role: ScrapeConfigKubernetesSdConfigsRole, + /// Selector to select objects. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selectors: Option>, + /// TLS configuration to use on every scrape request. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, - /// URL from which the targets are fetched. - pub url: String, + pub tls_config: Option, } -/// Authorization header configuration to authenticate against the target HTTP endpoint. +/// Optional metadata to attach to discovered targets. It requires Prometheus >= v2.35.0 for `pod` role and Prometheus >= v2.37.0 for `endpoints` and `endpointslice` roles. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsAuthorization { +pub struct ScrapeConfigKubernetesSdConfigsAttachMetadata { + /// Attaches node metadata to discovered targets. When set to true, Prometheus must have the `get` permission on the `Nodes` objects. Only valid for Pod, Endpoint and Endpointslice roles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub node: Option, +} + +/// Authorization header to use on every scrape request. Cannot be set at the same time as `basicAuth`, or `oauth2`. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsAuthorization { /// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub credentials: Option, + pub credentials: Option, /// Defines the authentication type. The value is case-insensitive. /// "Basic" is not a supported value. /// Default: "Bearer" @@ -1033,7 +2220,7 @@ pub struct ScrapeConfigHttpSdConfigsAuthorization { /// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsAuthorizationCredentials { +pub struct ScrapeConfigKubernetesSdConfigsAuthorizationCredentials { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1044,20 +2231,101 @@ pub struct ScrapeConfigHttpSdConfigsAuthorizationCredentials { pub optional: Option, } -/// BasicAuth information to authenticate against the target HTTP endpoint. More info: https://prometheus.io/docs/operating/configuration/#endpoints +/// BasicAuth information to use on every scrape request. Cannot be set at the same time as `authorization`, or `oauth2`. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsBasicAuth { +pub struct ScrapeConfigKubernetesSdConfigsBasicAuth { /// `password` specifies a key of a Secret containing the password for authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub password: Option, - /// `username` specifies a key of a Secret containing the username for authentication. + pub password: Option, + /// `username` specifies a key of a Secret containing the username for authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub username: Option, +} + +/// `password` specifies a key of a Secret containing the password for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsBasicAuthPassword { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// `username` specifies a key of a Secret containing the username for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsBasicAuthUsername { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Optional namespace discovery. If omitted, Prometheus discovers targets across all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsNamespaces { + /// List of namespaces where to watch for resources. If empty and `ownNamespace` isn't true, Prometheus watches for resources in all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub names: Option>, + /// Includes the namespace in which the Prometheus pod exists to the list of watched namesapces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ownNamespace")] + pub own_namespace: Option, +} + +/// Optional OAuth 2.0 configuration. Cannot be set at the same time as `authorization`, or `basicAuth`. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsOauth2 { + /// `clientId` specifies a key of a Secret or ConfigMap containing the OAuth2 client's ID. + #[serde(rename = "clientId")] + pub client_id: ScrapeConfigKubernetesSdConfigsOauth2ClientId, + /// `clientSecret` specifies a key of a Secret containing the OAuth2 client's secret. + #[serde(rename = "clientSecret")] + pub client_secret: ScrapeConfigKubernetesSdConfigsOauth2ClientSecret, + /// `endpointParams` configures the HTTP parameters to append to the token URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] + pub endpoint_params: Option>, + /// `scopes` defines the OAuth2 scopes used for the token request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// `tokenURL` configures the URL to fetch the token from. + #[serde(rename = "tokenUrl")] + pub token_url: String, +} + +/// `clientId` specifies a key of a Secret or ConfigMap containing the OAuth2 client's ID. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsOauth2ClientId { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsOauth2ClientIdConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] - pub username: Option, + pub optional: Option, } -/// `password` specifies a key of a Secret containing the password for authentication. +/// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsBasicAuthPassword { +pub struct ScrapeConfigKubernetesSdConfigsOauth2ClientIdSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1068,9 +2336,9 @@ pub struct ScrapeConfigHttpSdConfigsBasicAuthPassword { pub optional: Option, } -/// `username` specifies a key of a Secret containing the username for authentication. +/// `clientSecret` specifies a key of a Secret containing the OAuth2 client's secret. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsBasicAuthUsername { +pub struct ScrapeConfigKubernetesSdConfigsOauth2ClientSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1084,7 +2352,7 @@ pub struct ScrapeConfigHttpSdConfigsBasicAuthUsername { /// ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. /// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsProxyConnectHeader { +pub struct ScrapeConfigKubernetesSdConfigsProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, @@ -1096,21 +2364,78 @@ pub struct ScrapeConfigHttpSdConfigsProxyConnectHeader { pub optional: Option, } -/// TLS configuration applying to the target HTTP endpoint. +/// KubernetesSDConfig allows retrieving scrape targets from Kubernetes' REST API. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsTlsConfig { +pub enum ScrapeConfigKubernetesSdConfigsRole { + Node, + #[serde(rename = "node")] + NodeX, + Service, + #[serde(rename = "service")] + ServiceX, + Pod, + #[serde(rename = "pod")] + PodX, + Endpoints, + #[serde(rename = "endpoints")] + EndpointsX, + EndpointSlice, + #[serde(rename = "endpointslice")] + Endpointslice, + Ingress, + #[serde(rename = "ingress")] + IngressX, +} + +/// K8SSelectorConfig is Kubernetes Selector Config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsSelectors { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub field: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub label: Option, + /// Role is role of the service in Kubernetes. + pub role: ScrapeConfigKubernetesSdConfigsSelectorsRole, +} + +/// K8SSelectorConfig is Kubernetes Selector Config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigKubernetesSdConfigsSelectorsRole { + Node, + #[serde(rename = "node")] + NodeX, + Service, + #[serde(rename = "service")] + ServiceX, + Pod, + #[serde(rename = "pod")] + PodX, + Endpoints, + #[serde(rename = "endpoints")] + EndpointsX, + EndpointSlice, + #[serde(rename = "endpointslice")] + Endpointslice, + Ingress, + #[serde(rename = "ingress")] + IngressX, +} + +/// TLS configuration to use on every scrape request. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -1118,18 +2443,18 @@ pub struct ScrapeConfigHttpSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsTlsConfigCa { +pub struct ScrapeConfigKubernetesSdConfigsTlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigKubernetesSdConfigsTlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1142,7 +2467,7 @@ pub struct ScrapeConfigHttpSdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigKubernetesSdConfigsTlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1155,18 +2480,18 @@ pub struct ScrapeConfigHttpSdConfigsTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsTlsConfigCert { +pub struct ScrapeConfigKubernetesSdConfigsTlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsTlsConfigCertConfigMap { +pub struct ScrapeConfigKubernetesSdConfigsTlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1179,7 +2504,7 @@ pub struct ScrapeConfigHttpSdConfigsTlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsTlsConfigCertSecret { +pub struct ScrapeConfigKubernetesSdConfigsTlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1192,7 +2517,7 @@ pub struct ScrapeConfigHttpSdConfigsTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsTlsConfigKeySecret { +pub struct ScrapeConfigKubernetesSdConfigsTlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1203,41 +2528,38 @@ pub struct ScrapeConfigHttpSdConfigsTlsConfigKeySecret { pub optional: Option, } -/// KubernetesSDConfig allows retrieving scrape targets from Kubernetes' REST API. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config +/// KumaSDConfig allow retrieving scrape targets from Kuma's control plane. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kuma_sd_config #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigs { - /// The API server address consisting of a hostname or IP address followed by an optional port number. If left empty, Prometheus is assumed to run inside of the cluster. It will discover API servers automatically and use the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServer")] - pub api_server: Option, - /// Optional metadata to attach to discovered targets. It requires Prometheus >= v2.35.0 for `pod` role and Prometheus >= v2.37.0 for `endpoints` and `endpointslice` roles. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "attachMetadata")] - pub attach_metadata: Option, - /// Authorization header to use on every scrape request. Cannot be set at the same time as `basicAuth`, or `oauth2`. +pub struct ScrapeConfigKumaSdConfigs { + /// Authorization header to use on every scrape request. #[serde(default, skip_serializing_if = "Option::is_none")] - pub authorization: Option, - /// BasicAuth information to use on every scrape request. Cannot be set at the same time as `authorization`, or `oauth2`. + pub authorization: Option, + /// BasicAuth information to use on every scrape request. #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] - pub basic_auth: Option, + pub basic_auth: Option, + /// Client id is used by Kuma Control Plane to compute Monitoring Assignment for specific Prometheus backend. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientID")] + pub client_id: Option, /// Whether to enable HTTP2. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] pub enable_http2: Option, + /// The time after which the monitoring assignments are refreshed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fetchTimeout")] + pub fetch_timeout: Option, /// Configure whether HTTP requests follow HTTP 3xx redirects. #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")] pub follow_redirects: Option, - /// Optional namespace discovery. If omitted, Prometheus discovers targets across all namespaces. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option, /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. /// It requires Prometheus >= v2.43.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] pub no_proxy: Option, /// Optional OAuth 2.0 configuration. Cannot be set at the same time as `authorization`, or `basicAuth`. #[serde(default, skip_serializing_if = "Option::is_none")] - pub oauth2: Option, + pub oauth2: Option, /// ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. /// It requires Prometheus >= v2.43.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, + pub proxy_connect_header: Option>, /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). If unset, Prometheus uses its default value. /// It requires Prometheus >= v2.43.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] @@ -1246,30 +2568,22 @@ pub struct ScrapeConfigKubernetesSdConfigs { /// It requires Prometheus >= v2.43.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] pub proxy_url: Option, - /// Role of the Kubernetes entities that should be discovered. - pub role: ScrapeConfigKubernetesSdConfigsRole, - /// Selector to select objects. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub selectors: Option>, - /// TLS configuration to use on every scrape request. + /// The time to wait between polling update requests. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] + pub refresh_interval: Option, + /// Address of the Kuma Control Plane's MADS xDS server. + pub server: String, + /// TLS configuration to use on every scrape request #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, -} - -/// Optional metadata to attach to discovered targets. It requires Prometheus >= v2.35.0 for `pod` role and Prometheus >= v2.37.0 for `endpoints` and `endpointslice` roles. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsAttachMetadata { - /// Attaches node metadata to discovered targets. When set to true, Prometheus must have the `get` permission on the `Nodes` objects. Only valid for Pod, Endpoint and Endpointslice roles. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub node: Option, + pub tls_config: Option, } -/// Authorization header to use on every scrape request. Cannot be set at the same time as `basicAuth`, or `oauth2`. +/// Authorization header to use on every scrape request. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsAuthorization { +pub struct ScrapeConfigKumaSdConfigsAuthorization { /// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub credentials: Option, + pub credentials: Option, /// Defines the authentication type. The value is case-insensitive. /// "Basic" is not a supported value. /// Default: "Bearer" @@ -1279,7 +2593,7 @@ pub struct ScrapeConfigKubernetesSdConfigsAuthorization { /// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsAuthorizationCredentials { +pub struct ScrapeConfigKumaSdConfigsAuthorizationCredentials { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1290,20 +2604,20 @@ pub struct ScrapeConfigKubernetesSdConfigsAuthorizationCredentials { pub optional: Option, } -/// BasicAuth information to use on every scrape request. Cannot be set at the same time as `authorization`, or `oauth2`. +/// BasicAuth information to use on every scrape request. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsBasicAuth { +pub struct ScrapeConfigKumaSdConfigsBasicAuth { /// `password` specifies a key of a Secret containing the password for authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub password: Option, + pub password: Option, /// `username` specifies a key of a Secret containing the username for authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub username: Option, + pub username: Option, } /// `password` specifies a key of a Secret containing the password for authentication. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsBasicAuthPassword { +pub struct ScrapeConfigKumaSdConfigsBasicAuthPassword { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1316,7 +2630,7 @@ pub struct ScrapeConfigKubernetesSdConfigsBasicAuthPassword { /// `username` specifies a key of a Secret containing the username for authentication. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsBasicAuthUsername { +pub struct ScrapeConfigKumaSdConfigsBasicAuthUsername { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1327,26 +2641,15 @@ pub struct ScrapeConfigKubernetesSdConfigsBasicAuthUsername { pub optional: Option, } -/// Optional namespace discovery. If omitted, Prometheus discovers targets across all namespaces. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsNamespaces { - /// List of namespaces where to watch for resources. If empty and `ownNamespace` isn't true, Prometheus watches for resources in all namespaces. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub names: Option>, - /// Includes the namespace in which the Prometheus pod exists to the list of watched namesapces. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "ownNamespace")] - pub own_namespace: Option, -} - /// Optional OAuth 2.0 configuration. Cannot be set at the same time as `authorization`, or `basicAuth`. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsOauth2 { +pub struct ScrapeConfigKumaSdConfigsOauth2 { /// `clientId` specifies a key of a Secret or ConfigMap containing the OAuth2 client's ID. #[serde(rename = "clientId")] - pub client_id: ScrapeConfigKubernetesSdConfigsOauth2ClientId, + pub client_id: ScrapeConfigKumaSdConfigsOauth2ClientId, /// `clientSecret` specifies a key of a Secret containing the OAuth2 client's secret. #[serde(rename = "clientSecret")] - pub client_secret: ScrapeConfigKubernetesSdConfigsOauth2ClientSecret, + pub client_secret: ScrapeConfigKumaSdConfigsOauth2ClientSecret, /// `endpointParams` configures the HTTP parameters to append to the token URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, @@ -1360,18 +2663,18 @@ pub struct ScrapeConfigKubernetesSdConfigsOauth2 { /// `clientId` specifies a key of a Secret or ConfigMap containing the OAuth2 client's ID. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsOauth2ClientId { +pub struct ScrapeConfigKumaSdConfigsOauth2ClientId { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsOauth2ClientIdConfigMap { +pub struct ScrapeConfigKumaSdConfigsOauth2ClientIdConfigMap { /// The key to select. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1384,7 +2687,7 @@ pub struct ScrapeConfigKubernetesSdConfigsOauth2ClientIdConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsOauth2ClientIdSecret { +pub struct ScrapeConfigKumaSdConfigsOauth2ClientIdSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1397,7 +2700,7 @@ pub struct ScrapeConfigKubernetesSdConfigsOauth2ClientIdSecret { /// `clientSecret` specifies a key of a Secret containing the OAuth2 client's secret. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsOauth2ClientSecret { +pub struct ScrapeConfigKumaSdConfigsOauth2ClientSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1411,7 +2714,7 @@ pub struct ScrapeConfigKubernetesSdConfigsOauth2ClientSecret { /// ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. /// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsProxyConnectHeader { +pub struct ScrapeConfigKumaSdConfigsProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, @@ -1423,78 +2726,21 @@ pub struct ScrapeConfigKubernetesSdConfigsProxyConnectHeader { pub optional: Option, } -/// KubernetesSDConfig allows retrieving scrape targets from Kubernetes' REST API. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigKubernetesSdConfigsRole { - Node, - #[serde(rename = "node")] - NodeX, - Service, - #[serde(rename = "service")] - ServiceX, - Pod, - #[serde(rename = "pod")] - PodX, - Endpoints, - #[serde(rename = "endpoints")] - EndpointsX, - EndpointSlice, - #[serde(rename = "endpointslice")] - Endpointslice, - Ingress, - #[serde(rename = "ingress")] - IngressX, -} - -/// K8SSelectorConfig is Kubernetes Selector Config -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsSelectors { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub field: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub label: Option, - /// Role is role of the service in Kubernetes. - pub role: ScrapeConfigKubernetesSdConfigsSelectorsRole, -} - -/// K8SSelectorConfig is Kubernetes Selector Config -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigKubernetesSdConfigsSelectorsRole { - Node, - #[serde(rename = "node")] - NodeX, - Service, - #[serde(rename = "service")] - ServiceX, - Pod, - #[serde(rename = "pod")] - PodX, - Endpoints, - #[serde(rename = "endpoints")] - EndpointsX, - EndpointSlice, - #[serde(rename = "endpointslice")] - Endpointslice, - Ingress, - #[serde(rename = "ingress")] - IngressX, -} - -/// TLS configuration to use on every scrape request. +/// TLS configuration to use on every scrape request #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsTlsConfig { +pub struct ScrapeConfigKumaSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -1502,18 +2748,18 @@ pub struct ScrapeConfigKubernetesSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsTlsConfigCa { +pub struct ScrapeConfigKumaSdConfigsTlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigKumaSdConfigsTlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1526,7 +2772,7 @@ pub struct ScrapeConfigKubernetesSdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigKumaSdConfigsTlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1539,18 +2785,18 @@ pub struct ScrapeConfigKubernetesSdConfigsTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsTlsConfigCert { +pub struct ScrapeConfigKumaSdConfigsTlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsTlsConfigCertConfigMap { +pub struct ScrapeConfigKumaSdConfigsTlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1563,7 +2809,7 @@ pub struct ScrapeConfigKubernetesSdConfigsTlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsTlsConfigCertSecret { +pub struct ScrapeConfigKumaSdConfigsTlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? @@ -1576,7 +2822,7 @@ pub struct ScrapeConfigKubernetesSdConfigsTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsTlsConfigKeySecret { +pub struct ScrapeConfigKumaSdConfigsTlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? diff --git a/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/clustersets.rs b/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/clustersets.rs index 0c1b71b11..7a0878572 100644 --- a/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/clustersets.rs +++ b/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/clustersets.rs @@ -15,10 +15,12 @@ use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; pub struct ClusterSetSpec { /// Leaders include leader clusters known to the member clusters. pub leaders: Vec, - /// Members include member clusters known to the leader clusters. Used in leader cluster. + /// Members include member clusters known to the leader clusters. + /// Used in leader cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub members: Option>, - /// The leader cluster Namespace in which the ClusterSet is defined. Used in member cluster. + /// The leader cluster Namespace in which the ClusterSet is defined. + /// Used in member cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } diff --git a/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/labelidentities.rs b/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/labelidentities.rs index 03af2805c..a44a0e855 100644 --- a/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/labelidentities.rs +++ b/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/labelidentities.rs @@ -12,7 +12,9 @@ pub struct LabelIdentitySpec { /// ID is the ID allocated for the label identity by the leader cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, - /// Label is the normalized string of a label identity. The format of normalized label identity is `ns:(?P(.)*)&pod:(?P(.)*)` E.g., `ns:kubernetes.io/metadata.name=kube-system&pod:app=db` + /// Label is the normalized string of a label identity. + /// The format of normalized label identity is `ns:(?P(.)*)&pod:(?P(.)*)` + /// E.g., `ns:kubernetes.io/metadata.name=kube-system&pod:app=db` #[serde(default, skip_serializing_if = "Option::is_none")] pub label: Option, } diff --git a/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/resourceexports.rs b/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/resourceexports.rs index a15e4dd47..21ec8e879 100644 --- a/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/resourceexports.rs +++ b/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/resourceexports.rs @@ -88,18 +88,28 @@ pub struct ResourceExportClusterInfoWireGuard { /// If exported resource is AntreaClusterNetworkPolicy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicy { - /// Select workloads on which the rules will be applied to. Cannot be set in conjunction with AppliedTo in each rule. + /// Select workloads on which the rules will be applied to. Cannot be set in + /// conjunction with AppliedTo in each rule. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appliedTo")] pub applied_to: Option>, - /// Set of egress rules evaluated based on the order in which they are set. Currently Egress rule supports setting the `To` field but not the `From` field within a Rule. + /// Set of egress rules evaluated based on the order in which they are set. + /// Currently Egress rule supports setting the `To` field but not the `From` + /// field within a Rule. #[serde(default, skip_serializing_if = "Option::is_none")] pub egress: Option>, - /// Set of ingress rules evaluated based on the order in which they are set. Currently Ingress rule supports setting the `From` field but not the `To` field within a Rule. + /// Set of ingress rules evaluated based on the order in which they are set. + /// Currently Ingress rule supports setting the `From` field but not the `To` + /// field within a Rule. #[serde(default, skip_serializing_if = "Option::is_none")] pub ingress: Option>, - /// Priority specfies the order of the ClusterNetworkPolicy relative to other AntreaClusterNetworkPolicies. + /// Priority specfies the order of the ClusterNetworkPolicy relative to + /// other AntreaClusterNetworkPolicies. pub priority: f64, - /// Tier specifies the tier to which this ClusterNetworkPolicy belongs to. The ClusterNetworkPolicy order will be determined based on the combination of the Tier's Priority and the ClusterNetworkPolicy's own Priority. If not specified, this policy will be created in the Application Tier right above the K8s NetworkPolicy which resides at the bottom. + /// Tier specifies the tier to which this ClusterNetworkPolicy belongs to. + /// The ClusterNetworkPolicy order will be determined based on the + /// combination of the Tier's Priority and the ClusterNetworkPolicy's own + /// Priority. If not specified, this policy will be created in the Application + /// Tier right above the K8s NetworkPolicy which resides at the bottom. #[serde(default, skip_serializing_if = "Option::is_none")] pub tier: Option, } @@ -107,122 +117,186 @@ pub struct ResourceExportClusterNetworkPolicy { /// AppliedTo describes the grouping selector of workloads in AppliedTo field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyAppliedTo { - /// Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select ExternalEntities from NetworkPolicy's Namespace as workloads + /// in AppliedTo fields. If set with NamespaceSelector, + /// ExternalEntities are matched from Namespaces matched by the + /// NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalEntitySelector")] pub external_entity_selector: Option, - /// Group is the name of the ClusterGroup which can be set as an AppliedTo in place of a stand-alone selector. A Group cannot be set with any other selector. + /// Group is the name of the ClusterGroup which can be set as an + /// AppliedTo in place of a stand-alone selector. A Group cannot + /// be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. + /// Select all Pods from Namespaces matched by this selector, as + /// workloads in AppliedTo fields. If set with PodSelector, + /// Pods are matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. Cannot be set with Namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector. + /// Select Nodes in cluster as workloads in AppliedTo fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, - /// Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select Pods from NetworkPolicy's Namespace as workloads in + /// AppliedTo fields. If set with NamespaceSelector, Pods are + /// matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] pub pod_selector: Option, - /// Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector. + /// Select a certain Service which matches the NamespacedName. + /// A Service can only be set in either policy level AppliedTo field in a policy + /// that only has ingress rules or rule level AppliedTo field in an ingress rule. + /// Only a NodePort Service can be referred by this field. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, - /// Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector. + /// Select all Pods with the ServiceAccount matched by this field, as + /// workloads in AppliedTo fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, } -/// Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select ExternalEntities from NetworkPolicy's Namespace as workloads +/// in AppliedTo fields. If set with NamespaceSelector, +/// ExternalEntities are matched from Namespaces matched by the +/// NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyAppliedToExternalEntitySelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyAppliedToExternalEntitySelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. +/// Select all Pods from Namespaces matched by this selector, as +/// workloads in AppliedTo fields. If set with PodSelector, +/// Pods are matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. Cannot be set with Namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyAppliedToNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyAppliedToNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector. +/// Select Nodes in cluster as workloads in AppliedTo fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyAppliedToNodeSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyAppliedToNodeSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select Pods from NetworkPolicy's Namespace as workloads in +/// AppliedTo fields. If set with NamespaceSelector, Pods are +/// matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyAppliedToPodSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyAppliedToPodSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector. +/// Select a certain Service which matches the NamespacedName. +/// A Service can only be set in either policy level AppliedTo field in a policy +/// that only has ingress rules or rule level AppliedTo field in an ingress rule. +/// Only a NodePort Service can be referred by this field. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyAppliedToService { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -231,7 +305,9 @@ pub struct ResourceExportClusterNetworkPolicyAppliedToService { pub namespace: Option, } -/// Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector. +/// Select all Pods with the ServiceAccount matched by this field, as +/// workloads in AppliedTo fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyAppliedToServiceAccount { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -240,39 +316,60 @@ pub struct ResourceExportClusterNetworkPolicyAppliedToServiceAccount { pub namespace: Option, } -/// Rule describes the traffic allowed to/from the workloads selected by Spec.AppliedTo. Based on the action specified in the rule, traffic is either allowed or denied which exactly match the specified ports and protocol. +/// Rule describes the traffic allowed to/from the workloads selected by +/// Spec.AppliedTo. Based on the action specified in the rule, traffic is either +/// allowed or denied which exactly match the specified ports and protocol. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgress { /// Action specifies the action to be applied on the rule. pub action: String, - /// Select workloads on which this rule will be applied to. Cannot be set in conjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo. + /// Select workloads on which this rule will be applied to. Cannot be set in + /// conjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appliedTo")] pub applied_to: Option>, - /// EnableLogging is used to indicate if agent should generate logs when rules are matched. Should be default to false. + /// EnableLogging is used to indicate if agent should generate logs + /// when rules are matched. Should be default to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableLogging")] pub enable_logging: Option, - /// Rule is matched if traffic originates from workloads selected by this field. If this field is empty, this rule matches all sources. + /// Rule is matched if traffic originates from workloads selected by + /// this field. If this field is empty, this rule matches all sources. #[serde(default, skip_serializing_if = "Option::is_none")] pub from: Option>, - /// Set of layer 7 protocols matched by the rule. If this field is set, action can only be Allow. When this field is used in a rule, any traffic matching the other layer 3/4 criteria of the rule (typically the 5-tuple) will be forwarded to an application-aware engine for protocol detection and rule enforcement, and the traffic will be allowed if the layer 7 criteria is also matched, otherwise it will be dropped. Therefore, any rules after a layer 7 rule will not be enforced for the traffic. + /// Set of layer 7 protocols matched by the rule. If this field is set, action can only be Allow. + /// When this field is used in a rule, any traffic matching the other layer 3/4 criteria of the rule (typically the + /// 5-tuple) will be forwarded to an application-aware engine for protocol detection and rule enforcement, and the + /// traffic will be allowed if the layer 7 criteria is also matched, otherwise it will be dropped. Therefore, any + /// rules after a layer 7 rule will not be enforced for the traffic. #[serde(default, skip_serializing_if = "Option::is_none", rename = "l7Protocols")] pub l7_protocols: Option>, /// LogLabel is a user-defined arbitrary string which will be printed in the NetworkPolicy logs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "logLabel")] pub log_label: Option, - /// Name describes the intention of this rule. Name should be unique within the policy. + /// Name describes the intention of this rule. + /// Name should be unique within the policy. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Set of ports and protocols matched by the rule. If this field and Protocols are unset or empty, this rule matches all ports. + /// Set of ports and protocols matched by the rule. If this field and Protocols + /// are unset or empty, this rule matches all ports. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Set of protocols matched by the rule. If this field and Ports are unset or empty, this rule matches all protocols supported. + /// Set of protocols matched by the rule. If this field and Ports are unset or + /// empty, this rule matches all protocols supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocols: Option>, - /// Rule is matched if traffic is intended for workloads selected by this field. This field can't be used with ToServices. If this field and ToServices are both empty or missing this rule matches all destinations. + /// Rule is matched if traffic is intended for workloads selected by + /// this field. This field can't be used with ToServices. If this field + /// and ToServices are both empty or missing this rule matches all destinations. #[serde(default, skip_serializing_if = "Option::is_none")] pub to: Option>, - /// Rule is matched if traffic is intended for a Service listed in this field. Currently, only ClusterIP types Services are supported in this field. When scope is set to ClusterSet, it matches traffic intended for a multi-cluster Service listed in this field. Service name and Namespace provided should match the original exported Service. This field can only be used when AntreaProxy is enabled. This field can't be used with To or Ports. If this field and To are both empty or missing, this rule matches all destinations. + /// Rule is matched if traffic is intended for a Service listed in this field. + /// Currently, only ClusterIP types Services are supported in this field. + /// When scope is set to ClusterSet, it matches traffic intended for a multi-cluster + /// Service listed in this field. Service name and Namespace provided should match + /// the original exported Service. + /// This field can only be used when AntreaProxy is enabled. This field can't be used + /// with To or Ports. If this field and To are both empty or missing, this rule matches + /// all destinations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "toServices")] pub to_services: Option>, } @@ -280,122 +377,186 @@ pub struct ResourceExportClusterNetworkPolicyEgress { /// AppliedTo describes the grouping selector of workloads in AppliedTo field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressAppliedTo { - /// Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select ExternalEntities from NetworkPolicy's Namespace as workloads + /// in AppliedTo fields. If set with NamespaceSelector, + /// ExternalEntities are matched from Namespaces matched by the + /// NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalEntitySelector")] pub external_entity_selector: Option, - /// Group is the name of the ClusterGroup which can be set as an AppliedTo in place of a stand-alone selector. A Group cannot be set with any other selector. + /// Group is the name of the ClusterGroup which can be set as an + /// AppliedTo in place of a stand-alone selector. A Group cannot + /// be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. + /// Select all Pods from Namespaces matched by this selector, as + /// workloads in AppliedTo fields. If set with PodSelector, + /// Pods are matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. Cannot be set with Namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector. + /// Select Nodes in cluster as workloads in AppliedTo fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, - /// Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select Pods from NetworkPolicy's Namespace as workloads in + /// AppliedTo fields. If set with NamespaceSelector, Pods are + /// matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] pub pod_selector: Option, - /// Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector. + /// Select a certain Service which matches the NamespacedName. + /// A Service can only be set in either policy level AppliedTo field in a policy + /// that only has ingress rules or rule level AppliedTo field in an ingress rule. + /// Only a NodePort Service can be referred by this field. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, - /// Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector. + /// Select all Pods with the ServiceAccount matched by this field, as + /// workloads in AppliedTo fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, } -/// Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select ExternalEntities from NetworkPolicy's Namespace as workloads +/// in AppliedTo fields. If set with NamespaceSelector, +/// ExternalEntities are matched from Namespaces matched by the +/// NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressAppliedToExternalEntitySelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressAppliedToExternalEntitySelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. +/// Select all Pods from Namespaces matched by this selector, as +/// workloads in AppliedTo fields. If set with PodSelector, +/// Pods are matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. Cannot be set with Namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressAppliedToNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressAppliedToNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector. +/// Select Nodes in cluster as workloads in AppliedTo fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressAppliedToNodeSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressAppliedToNodeSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select Pods from NetworkPolicy's Namespace as workloads in +/// AppliedTo fields. If set with NamespaceSelector, Pods are +/// matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressAppliedToPodSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressAppliedToPodSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector. +/// Select a certain Service which matches the NamespacedName. +/// A Service can only be set in either policy level AppliedTo field in a policy +/// that only has ingress rules or rule level AppliedTo field in an ingress rule. +/// Only a NodePort Service can be referred by this field. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressAppliedToService { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -404,7 +565,9 @@ pub struct ResourceExportClusterNetworkPolicyEgressAppliedToService { pub namespace: Option, } -/// Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector. +/// Select all Pods with the ServiceAccount matched by this field, as +/// workloads in AppliedTo fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressAppliedToServiceAccount { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -416,149 +579,232 @@ pub struct ResourceExportClusterNetworkPolicyEgressAppliedToServiceAccount { /// NetworkPolicyPeer describes the grouping selector of workloads. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressFrom { - /// Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select ExternalEntities from NetworkPolicy's Namespace as workloads + /// in To/From fields. If set with NamespaceSelector, + /// ExternalEntities are matched from Namespaces matched by the + /// NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalEntitySelector")] pub external_entity_selector: Option, - /// Restrict egress access to the Fully Qualified Domain Names prescribed by name or by wildcard match patterns. This field can only be set for NetworkPolicyPeer of egress rules. Supported formats are: Exact FQDNs such as "google.com". Wildcard expressions such as "*wayfair.com". + /// Restrict egress access to the Fully Qualified Domain Names prescribed + /// by name or by wildcard match patterns. This field can only be set for + /// NetworkPolicyPeer of egress rules. + /// Supported formats are: + /// Exact FQDNs such as "google.com". + /// Wildcard expressions such as "*wayfair.com". #[serde(default, skip_serializing_if = "Option::is_none")] pub fqdn: Option, - /// Group is the name of the ClusterGroup which can be set within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector. + /// Group is the name of the ClusterGroup which can be set within + /// an Ingress or Egress rule in place of a stand-alone selector. + /// A Group cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. + /// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. + /// IPBlock cannot be set as part of the AppliedTo field. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipBlock")] pub ip_block: Option, - /// Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. + /// Select all Pods from Namespaces matched by this selector, as + /// workloads in To/From fields. If set with PodSelector, + /// Pods are matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. Cannot be set with Namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector. + /// Select Pod/ExternalEntity from Namespaces matched by specific criteria. + /// Current supported criteria is match: Self, which selects from the same + /// Namespace of the appliedTo workloads. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. This field can only be set when NetworkPolicyPeer + /// is created for ClusterNetworkPolicy ingress/egress rules. + /// Cannot be set with NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option, - /// Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector. + /// Select certain Nodes which match the label selector. + /// A NodeSelector cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, - /// Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select Pods from NetworkPolicy's Namespace as workloads in + /// To/From fields. If set with NamespaceSelector, Pods are + /// matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] pub pod_selector: Option, - /// Define scope of the Pod/NamespaceSelector(s) of this peer. Can only be used in ingress NetworkPolicyPeers. Defaults to "Cluster". + /// Define scope of the Pod/NamespaceSelector(s) of this peer. + /// Can only be used in ingress NetworkPolicyPeers. + /// Defaults to "Cluster". #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector. + /// Select all Pods with the ServiceAccount matched by this field, as + /// workloads in To/From fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, } -/// Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select ExternalEntities from NetworkPolicy's Namespace as workloads +/// in To/From fields. If set with NamespaceSelector, +/// ExternalEntities are matched from Namespaces matched by the +/// NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressFromExternalEntitySelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressFromExternalEntitySelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. +/// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. +/// IPBlock cannot be set as part of the AppliedTo field. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressFromIpBlock { - /// CIDR is a string representing the IP Block Valid examples are "192.168.1.1/24". + /// CIDR is a string representing the IP Block + /// Valid examples are "192.168.1.1/24". pub cidr: String, } -/// Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. +/// Select all Pods from Namespaces matched by this selector, as +/// workloads in To/From fields. If set with PodSelector, +/// Pods are matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. Cannot be set with Namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressFromNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressFromNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector. +/// Select Pod/ExternalEntity from Namespaces matched by specific criteria. +/// Current supported criteria is match: Self, which selects from the same +/// Namespace of the appliedTo workloads. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. This field can only be set when NetworkPolicyPeer +/// is created for ClusterNetworkPolicy ingress/egress rules. +/// Cannot be set with NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressFromNamespaces { /// Selects from the same Namespace of the appliedTo workloads. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option, - /// Selects Namespaces that share the same values for the given set of label keys with the appliedTo Namespace. Namespaces must have all the label keys. + /// Selects Namespaces that share the same values for the given set of label keys + /// with the appliedTo Namespace. Namespaces must have all the label keys. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sameLabels")] pub same_labels: Option>, } -/// Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector. +/// Select certain Nodes which match the label selector. +/// A NodeSelector cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressFromNodeSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressFromNodeSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select Pods from NetworkPolicy's Namespace as workloads in +/// To/From fields. If set with NamespaceSelector, Pods are +/// matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressFromPodSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressFromPodSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector. +/// Select all Pods with the ServiceAccount matched by this field, as +/// workloads in To/From fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressFromServiceAccount { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -569,21 +815,26 @@ pub struct ResourceExportClusterNetworkPolicyEgressFromServiceAccount { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressL7Protocols { - /// HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. If all fields are not provided, it matches all HTTP requests. + /// HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. + /// If all fields are not provided, it matches all HTTP requests. #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this matches all TLS handshake packets. + /// TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this + /// matches all TLS handshake packets. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, } -/// HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. If all fields are not provided, it matches all HTTP requests. +/// HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. +/// If all fields are not provided, it matches all HTTP requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressL7ProtocolsHttp { - /// Host represents the hostname present in the URI or the HTTP Host header to match. It does not contain the port associated with the host. + /// Host represents the hostname present in the URI or the HTTP Host header to match. + /// It does not contain the port associated with the host. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Method represents the HTTP method to match. It could be GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS, CONNECT and PATCH. + /// Method represents the HTTP method to match. + /// It could be GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS, CONNECT and PATCH. #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, /// Path represents the URI path to match (Ex. "/index.html", "/admin"). @@ -591,7 +842,8 @@ pub struct ResourceExportClusterNetworkPolicyEgressL7ProtocolsHttp { pub path: Option, } -/// TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this matches all TLS handshake packets. +/// TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this +/// matches all TLS handshake packets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressL7ProtocolsTls { /// SNI (Server Name Indication) indicates the server domain name in the TLS/SSL hello message. @@ -602,35 +854,52 @@ pub struct ResourceExportClusterNetworkPolicyEgressL7ProtocolsTls { /// NetworkPolicyPort describes the port and protocol to match in a rule. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressPorts { - /// EndPort defines the end of the port range, inclusive. It can only be specified when a numerical `port` is specified. + /// EndPort defines the end of the port range, inclusive. + /// It can only be specified when a numerical `port` is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endPort")] pub end_port: Option, - /// The port on the given protocol. This can be either a numerical or named port on a Pod. If this field is not provided, this matches all port names and numbers. + /// The port on the given protocol. This can be either a numerical + /// or named port on a Pod. If this field is not provided, this + /// matches all port names and numbers. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP. + /// The protocol (TCP, UDP, or SCTP) which traffic must match. + /// If not specified, this field defaults to TCP. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, - /// SourceEndPort defines the end of the source port range, inclusive. It can only be specified when `sourcePort` is specified. + /// SourceEndPort defines the end of the source port range, inclusive. + /// It can only be specified when `sourcePort` is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceEndPort")] pub source_end_port: Option, - /// The source port on the given protocol. This can only be a numerical port. If this field is not provided, rule matches all source ports. + /// The source port on the given protocol. This can only be a numerical port. + /// If this field is not provided, rule matches all source ports. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourcePort")] pub source_port: Option, } -/// NetworkPolicyProtocol defines additional protocols that are not supported by `ports`. All fields should be used as a standalone field. +/// NetworkPolicyProtocol defines additional protocols that are not supported by +/// `ports`. All fields should be used as a standalone field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressProtocols { - /// ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All fields could be used alone or together. If all fields are not provided, this matches all ICMP traffic. + /// ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All + /// fields could be used alone or together. If all fields are not provided, this + /// matches all ICMP traffic. #[serde(default, skip_serializing_if = "Option::is_none")] pub icmp: Option, - /// IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must be filled with: IGMPQuery int32 = 0x11 IGMPReportV1 int32 = 0x12 IGMPReportV2 int32 = 0x16 IGMPReportV3 int32 = 0x22 If groupAddress is empty, all groupAddresses will be matched. + /// IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must + /// be filled with: + /// IGMPQuery int32 = 0x11 + /// IGMPReportV1 int32 = 0x12 + /// IGMPReportV2 int32 = 0x16 + /// IGMPReportV3 int32 = 0x22 + /// If groupAddress is empty, all groupAddresses will be matched. #[serde(default, skip_serializing_if = "Option::is_none")] pub igmp: Option, } -/// ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All fields could be used alone or together. If all fields are not provided, this matches all ICMP traffic. +/// ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All +/// fields could be used alone or together. If all fields are not provided, this +/// matches all ICMP traffic. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressProtocolsIcmp { #[serde(default, skip_serializing_if = "Option::is_none", rename = "icmpCode")] @@ -639,7 +908,13 @@ pub struct ResourceExportClusterNetworkPolicyEgressProtocolsIcmp { pub icmp_type: Option, } -/// IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must be filled with: IGMPQuery int32 = 0x11 IGMPReportV1 int32 = 0x12 IGMPReportV2 int32 = 0x16 IGMPReportV3 int32 = 0x22 If groupAddress is empty, all groupAddresses will be matched. +/// IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must +/// be filled with: +/// IGMPQuery int32 = 0x11 +/// IGMPReportV1 int32 = 0x12 +/// IGMPReportV2 int32 = 0x16 +/// IGMPReportV3 int32 = 0x22 +/// If groupAddress is empty, all groupAddresses will be matched. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressProtocolsIgmp { #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupAddress")] @@ -651,149 +926,232 @@ pub struct ResourceExportClusterNetworkPolicyEgressProtocolsIgmp { /// NetworkPolicyPeer describes the grouping selector of workloads. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressTo { - /// Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select ExternalEntities from NetworkPolicy's Namespace as workloads + /// in To/From fields. If set with NamespaceSelector, + /// ExternalEntities are matched from Namespaces matched by the + /// NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalEntitySelector")] pub external_entity_selector: Option, - /// Restrict egress access to the Fully Qualified Domain Names prescribed by name or by wildcard match patterns. This field can only be set for NetworkPolicyPeer of egress rules. Supported formats are: Exact FQDNs such as "google.com". Wildcard expressions such as "*wayfair.com". + /// Restrict egress access to the Fully Qualified Domain Names prescribed + /// by name or by wildcard match patterns. This field can only be set for + /// NetworkPolicyPeer of egress rules. + /// Supported formats are: + /// Exact FQDNs such as "google.com". + /// Wildcard expressions such as "*wayfair.com". #[serde(default, skip_serializing_if = "Option::is_none")] pub fqdn: Option, - /// Group is the name of the ClusterGroup which can be set within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector. + /// Group is the name of the ClusterGroup which can be set within + /// an Ingress or Egress rule in place of a stand-alone selector. + /// A Group cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. + /// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. + /// IPBlock cannot be set as part of the AppliedTo field. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipBlock")] pub ip_block: Option, - /// Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. + /// Select all Pods from Namespaces matched by this selector, as + /// workloads in To/From fields. If set with PodSelector, + /// Pods are matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. Cannot be set with Namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector. + /// Select Pod/ExternalEntity from Namespaces matched by specific criteria. + /// Current supported criteria is match: Self, which selects from the same + /// Namespace of the appliedTo workloads. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. This field can only be set when NetworkPolicyPeer + /// is created for ClusterNetworkPolicy ingress/egress rules. + /// Cannot be set with NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option, - /// Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector. + /// Select certain Nodes which match the label selector. + /// A NodeSelector cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, - /// Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select Pods from NetworkPolicy's Namespace as workloads in + /// To/From fields. If set with NamespaceSelector, Pods are + /// matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] pub pod_selector: Option, - /// Define scope of the Pod/NamespaceSelector(s) of this peer. Can only be used in ingress NetworkPolicyPeers. Defaults to "Cluster". + /// Define scope of the Pod/NamespaceSelector(s) of this peer. + /// Can only be used in ingress NetworkPolicyPeers. + /// Defaults to "Cluster". #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector. + /// Select all Pods with the ServiceAccount matched by this field, as + /// workloads in To/From fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, } -/// Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select ExternalEntities from NetworkPolicy's Namespace as workloads +/// in To/From fields. If set with NamespaceSelector, +/// ExternalEntities are matched from Namespaces matched by the +/// NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressToExternalEntitySelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressToExternalEntitySelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. +/// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. +/// IPBlock cannot be set as part of the AppliedTo field. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressToIpBlock { - /// CIDR is a string representing the IP Block Valid examples are "192.168.1.1/24". + /// CIDR is a string representing the IP Block + /// Valid examples are "192.168.1.1/24". pub cidr: String, } -/// Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. +/// Select all Pods from Namespaces matched by this selector, as +/// workloads in To/From fields. If set with PodSelector, +/// Pods are matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. Cannot be set with Namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressToNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressToNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector. +/// Select Pod/ExternalEntity from Namespaces matched by specific criteria. +/// Current supported criteria is match: Self, which selects from the same +/// Namespace of the appliedTo workloads. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. This field can only be set when NetworkPolicyPeer +/// is created for ClusterNetworkPolicy ingress/egress rules. +/// Cannot be set with NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressToNamespaces { /// Selects from the same Namespace of the appliedTo workloads. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option, - /// Selects Namespaces that share the same values for the given set of label keys with the appliedTo Namespace. Namespaces must have all the label keys. + /// Selects Namespaces that share the same values for the given set of label keys + /// with the appliedTo Namespace. Namespaces must have all the label keys. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sameLabels")] pub same_labels: Option>, } -/// Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector. +/// Select certain Nodes which match the label selector. +/// A NodeSelector cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressToNodeSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressToNodeSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select Pods from NetworkPolicy's Namespace as workloads in +/// To/From fields. If set with NamespaceSelector, Pods are +/// matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressToPodSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressToPodSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector. +/// Select all Pods with the ServiceAccount matched by this field, as +/// workloads in To/From fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressToServiceAccount { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -802,7 +1160,8 @@ pub struct ResourceExportClusterNetworkPolicyEgressToServiceAccount { pub namespace: Option, } -/// PeerService refers to a Service, which can be a in-cluster Service or imported multi-cluster service. +/// PeerService refers to a Service, which can be a in-cluster Service or +/// imported multi-cluster service. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyEgressToServices { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -813,39 +1172,60 @@ pub struct ResourceExportClusterNetworkPolicyEgressToServices { pub scope: Option, } -/// Rule describes the traffic allowed to/from the workloads selected by Spec.AppliedTo. Based on the action specified in the rule, traffic is either allowed or denied which exactly match the specified ports and protocol. +/// Rule describes the traffic allowed to/from the workloads selected by +/// Spec.AppliedTo. Based on the action specified in the rule, traffic is either +/// allowed or denied which exactly match the specified ports and protocol. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngress { /// Action specifies the action to be applied on the rule. pub action: String, - /// Select workloads on which this rule will be applied to. Cannot be set in conjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo. + /// Select workloads on which this rule will be applied to. Cannot be set in + /// conjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appliedTo")] pub applied_to: Option>, - /// EnableLogging is used to indicate if agent should generate logs when rules are matched. Should be default to false. + /// EnableLogging is used to indicate if agent should generate logs + /// when rules are matched. Should be default to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableLogging")] pub enable_logging: Option, - /// Rule is matched if traffic originates from workloads selected by this field. If this field is empty, this rule matches all sources. + /// Rule is matched if traffic originates from workloads selected by + /// this field. If this field is empty, this rule matches all sources. #[serde(default, skip_serializing_if = "Option::is_none")] pub from: Option>, - /// Set of layer 7 protocols matched by the rule. If this field is set, action can only be Allow. When this field is used in a rule, any traffic matching the other layer 3/4 criteria of the rule (typically the 5-tuple) will be forwarded to an application-aware engine for protocol detection and rule enforcement, and the traffic will be allowed if the layer 7 criteria is also matched, otherwise it will be dropped. Therefore, any rules after a layer 7 rule will not be enforced for the traffic. + /// Set of layer 7 protocols matched by the rule. If this field is set, action can only be Allow. + /// When this field is used in a rule, any traffic matching the other layer 3/4 criteria of the rule (typically the + /// 5-tuple) will be forwarded to an application-aware engine for protocol detection and rule enforcement, and the + /// traffic will be allowed if the layer 7 criteria is also matched, otherwise it will be dropped. Therefore, any + /// rules after a layer 7 rule will not be enforced for the traffic. #[serde(default, skip_serializing_if = "Option::is_none", rename = "l7Protocols")] pub l7_protocols: Option>, /// LogLabel is a user-defined arbitrary string which will be printed in the NetworkPolicy logs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "logLabel")] pub log_label: Option, - /// Name describes the intention of this rule. Name should be unique within the policy. + /// Name describes the intention of this rule. + /// Name should be unique within the policy. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Set of ports and protocols matched by the rule. If this field and Protocols are unset or empty, this rule matches all ports. + /// Set of ports and protocols matched by the rule. If this field and Protocols + /// are unset or empty, this rule matches all ports. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Set of protocols matched by the rule. If this field and Ports are unset or empty, this rule matches all protocols supported. + /// Set of protocols matched by the rule. If this field and Ports are unset or + /// empty, this rule matches all protocols supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocols: Option>, - /// Rule is matched if traffic is intended for workloads selected by this field. This field can't be used with ToServices. If this field and ToServices are both empty or missing this rule matches all destinations. + /// Rule is matched if traffic is intended for workloads selected by + /// this field. This field can't be used with ToServices. If this field + /// and ToServices are both empty or missing this rule matches all destinations. #[serde(default, skip_serializing_if = "Option::is_none")] pub to: Option>, - /// Rule is matched if traffic is intended for a Service listed in this field. Currently, only ClusterIP types Services are supported in this field. When scope is set to ClusterSet, it matches traffic intended for a multi-cluster Service listed in this field. Service name and Namespace provided should match the original exported Service. This field can only be used when AntreaProxy is enabled. This field can't be used with To or Ports. If this field and To are both empty or missing, this rule matches all destinations. + /// Rule is matched if traffic is intended for a Service listed in this field. + /// Currently, only ClusterIP types Services are supported in this field. + /// When scope is set to ClusterSet, it matches traffic intended for a multi-cluster + /// Service listed in this field. Service name and Namespace provided should match + /// the original exported Service. + /// This field can only be used when AntreaProxy is enabled. This field can't be used + /// with To or Ports. If this field and To are both empty or missing, this rule matches + /// all destinations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "toServices")] pub to_services: Option>, } @@ -853,122 +1233,186 @@ pub struct ResourceExportClusterNetworkPolicyIngress { /// AppliedTo describes the grouping selector of workloads in AppliedTo field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressAppliedTo { - /// Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select ExternalEntities from NetworkPolicy's Namespace as workloads + /// in AppliedTo fields. If set with NamespaceSelector, + /// ExternalEntities are matched from Namespaces matched by the + /// NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalEntitySelector")] pub external_entity_selector: Option, - /// Group is the name of the ClusterGroup which can be set as an AppliedTo in place of a stand-alone selector. A Group cannot be set with any other selector. + /// Group is the name of the ClusterGroup which can be set as an + /// AppliedTo in place of a stand-alone selector. A Group cannot + /// be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. + /// Select all Pods from Namespaces matched by this selector, as + /// workloads in AppliedTo fields. If set with PodSelector, + /// Pods are matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. Cannot be set with Namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector. + /// Select Nodes in cluster as workloads in AppliedTo fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, - /// Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select Pods from NetworkPolicy's Namespace as workloads in + /// AppliedTo fields. If set with NamespaceSelector, Pods are + /// matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] pub pod_selector: Option, - /// Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector. + /// Select a certain Service which matches the NamespacedName. + /// A Service can only be set in either policy level AppliedTo field in a policy + /// that only has ingress rules or rule level AppliedTo field in an ingress rule. + /// Only a NodePort Service can be referred by this field. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, - /// Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector. + /// Select all Pods with the ServiceAccount matched by this field, as + /// workloads in AppliedTo fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, } -/// Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select ExternalEntities from NetworkPolicy's Namespace as workloads +/// in AppliedTo fields. If set with NamespaceSelector, +/// ExternalEntities are matched from Namespaces matched by the +/// NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressAppliedToExternalEntitySelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressAppliedToExternalEntitySelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. +/// Select all Pods from Namespaces matched by this selector, as +/// workloads in AppliedTo fields. If set with PodSelector, +/// Pods are matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. Cannot be set with Namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressAppliedToNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressAppliedToNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector. +/// Select Nodes in cluster as workloads in AppliedTo fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressAppliedToNodeSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressAppliedToNodeSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select Pods from NetworkPolicy's Namespace as workloads in +/// AppliedTo fields. If set with NamespaceSelector, Pods are +/// matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressAppliedToPodSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressAppliedToPodSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector. +/// Select a certain Service which matches the NamespacedName. +/// A Service can only be set in either policy level AppliedTo field in a policy +/// that only has ingress rules or rule level AppliedTo field in an ingress rule. +/// Only a NodePort Service can be referred by this field. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressAppliedToService { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -977,7 +1421,9 @@ pub struct ResourceExportClusterNetworkPolicyIngressAppliedToService { pub namespace: Option, } -/// Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector. +/// Select all Pods with the ServiceAccount matched by this field, as +/// workloads in AppliedTo fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressAppliedToServiceAccount { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -989,149 +1435,232 @@ pub struct ResourceExportClusterNetworkPolicyIngressAppliedToServiceAccount { /// NetworkPolicyPeer describes the grouping selector of workloads. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressFrom { - /// Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select ExternalEntities from NetworkPolicy's Namespace as workloads + /// in To/From fields. If set with NamespaceSelector, + /// ExternalEntities are matched from Namespaces matched by the + /// NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalEntitySelector")] pub external_entity_selector: Option, - /// Restrict egress access to the Fully Qualified Domain Names prescribed by name or by wildcard match patterns. This field can only be set for NetworkPolicyPeer of egress rules. Supported formats are: Exact FQDNs such as "google.com". Wildcard expressions such as "*wayfair.com". + /// Restrict egress access to the Fully Qualified Domain Names prescribed + /// by name or by wildcard match patterns. This field can only be set for + /// NetworkPolicyPeer of egress rules. + /// Supported formats are: + /// Exact FQDNs such as "google.com". + /// Wildcard expressions such as "*wayfair.com". #[serde(default, skip_serializing_if = "Option::is_none")] pub fqdn: Option, - /// Group is the name of the ClusterGroup which can be set within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector. + /// Group is the name of the ClusterGroup which can be set within + /// an Ingress or Egress rule in place of a stand-alone selector. + /// A Group cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. + /// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. + /// IPBlock cannot be set as part of the AppliedTo field. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipBlock")] pub ip_block: Option, - /// Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. + /// Select all Pods from Namespaces matched by this selector, as + /// workloads in To/From fields. If set with PodSelector, + /// Pods are matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. Cannot be set with Namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector. + /// Select Pod/ExternalEntity from Namespaces matched by specific criteria. + /// Current supported criteria is match: Self, which selects from the same + /// Namespace of the appliedTo workloads. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. This field can only be set when NetworkPolicyPeer + /// is created for ClusterNetworkPolicy ingress/egress rules. + /// Cannot be set with NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option, - /// Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector. + /// Select certain Nodes which match the label selector. + /// A NodeSelector cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, - /// Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select Pods from NetworkPolicy's Namespace as workloads in + /// To/From fields. If set with NamespaceSelector, Pods are + /// matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] pub pod_selector: Option, - /// Define scope of the Pod/NamespaceSelector(s) of this peer. Can only be used in ingress NetworkPolicyPeers. Defaults to "Cluster". + /// Define scope of the Pod/NamespaceSelector(s) of this peer. + /// Can only be used in ingress NetworkPolicyPeers. + /// Defaults to "Cluster". #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector. + /// Select all Pods with the ServiceAccount matched by this field, as + /// workloads in To/From fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, } -/// Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select ExternalEntities from NetworkPolicy's Namespace as workloads +/// in To/From fields. If set with NamespaceSelector, +/// ExternalEntities are matched from Namespaces matched by the +/// NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressFromExternalEntitySelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressFromExternalEntitySelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. +/// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. +/// IPBlock cannot be set as part of the AppliedTo field. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressFromIpBlock { - /// CIDR is a string representing the IP Block Valid examples are "192.168.1.1/24". + /// CIDR is a string representing the IP Block + /// Valid examples are "192.168.1.1/24". pub cidr: String, } -/// Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. +/// Select all Pods from Namespaces matched by this selector, as +/// workloads in To/From fields. If set with PodSelector, +/// Pods are matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. Cannot be set with Namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressFromNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressFromNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector. +/// Select Pod/ExternalEntity from Namespaces matched by specific criteria. +/// Current supported criteria is match: Self, which selects from the same +/// Namespace of the appliedTo workloads. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. This field can only be set when NetworkPolicyPeer +/// is created for ClusterNetworkPolicy ingress/egress rules. +/// Cannot be set with NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressFromNamespaces { /// Selects from the same Namespace of the appliedTo workloads. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option, - /// Selects Namespaces that share the same values for the given set of label keys with the appliedTo Namespace. Namespaces must have all the label keys. + /// Selects Namespaces that share the same values for the given set of label keys + /// with the appliedTo Namespace. Namespaces must have all the label keys. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sameLabels")] pub same_labels: Option>, } -/// Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector. +/// Select certain Nodes which match the label selector. +/// A NodeSelector cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressFromNodeSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressFromNodeSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select Pods from NetworkPolicy's Namespace as workloads in +/// To/From fields. If set with NamespaceSelector, Pods are +/// matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressFromPodSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressFromPodSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector. +/// Select all Pods with the ServiceAccount matched by this field, as +/// workloads in To/From fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressFromServiceAccount { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1142,21 +1671,26 @@ pub struct ResourceExportClusterNetworkPolicyIngressFromServiceAccount { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressL7Protocols { - /// HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. If all fields are not provided, it matches all HTTP requests. + /// HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. + /// If all fields are not provided, it matches all HTTP requests. #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this matches all TLS handshake packets. + /// TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this + /// matches all TLS handshake packets. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, } -/// HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. If all fields are not provided, it matches all HTTP requests. +/// HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. +/// If all fields are not provided, it matches all HTTP requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressL7ProtocolsHttp { - /// Host represents the hostname present in the URI or the HTTP Host header to match. It does not contain the port associated with the host. + /// Host represents the hostname present in the URI or the HTTP Host header to match. + /// It does not contain the port associated with the host. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Method represents the HTTP method to match. It could be GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS, CONNECT and PATCH. + /// Method represents the HTTP method to match. + /// It could be GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS, CONNECT and PATCH. #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, /// Path represents the URI path to match (Ex. "/index.html", "/admin"). @@ -1164,7 +1698,8 @@ pub struct ResourceExportClusterNetworkPolicyIngressL7ProtocolsHttp { pub path: Option, } -/// TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this matches all TLS handshake packets. +/// TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this +/// matches all TLS handshake packets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressL7ProtocolsTls { /// SNI (Server Name Indication) indicates the server domain name in the TLS/SSL hello message. @@ -1175,35 +1710,52 @@ pub struct ResourceExportClusterNetworkPolicyIngressL7ProtocolsTls { /// NetworkPolicyPort describes the port and protocol to match in a rule. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressPorts { - /// EndPort defines the end of the port range, inclusive. It can only be specified when a numerical `port` is specified. + /// EndPort defines the end of the port range, inclusive. + /// It can only be specified when a numerical `port` is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endPort")] pub end_port: Option, - /// The port on the given protocol. This can be either a numerical or named port on a Pod. If this field is not provided, this matches all port names and numbers. + /// The port on the given protocol. This can be either a numerical + /// or named port on a Pod. If this field is not provided, this + /// matches all port names and numbers. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP. + /// The protocol (TCP, UDP, or SCTP) which traffic must match. + /// If not specified, this field defaults to TCP. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, - /// SourceEndPort defines the end of the source port range, inclusive. It can only be specified when `sourcePort` is specified. + /// SourceEndPort defines the end of the source port range, inclusive. + /// It can only be specified when `sourcePort` is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceEndPort")] pub source_end_port: Option, - /// The source port on the given protocol. This can only be a numerical port. If this field is not provided, rule matches all source ports. + /// The source port on the given protocol. This can only be a numerical port. + /// If this field is not provided, rule matches all source ports. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourcePort")] pub source_port: Option, } -/// NetworkPolicyProtocol defines additional protocols that are not supported by `ports`. All fields should be used as a standalone field. +/// NetworkPolicyProtocol defines additional protocols that are not supported by +/// `ports`. All fields should be used as a standalone field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressProtocols { - /// ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All fields could be used alone or together. If all fields are not provided, this matches all ICMP traffic. + /// ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All + /// fields could be used alone or together. If all fields are not provided, this + /// matches all ICMP traffic. #[serde(default, skip_serializing_if = "Option::is_none")] pub icmp: Option, - /// IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must be filled with: IGMPQuery int32 = 0x11 IGMPReportV1 int32 = 0x12 IGMPReportV2 int32 = 0x16 IGMPReportV3 int32 = 0x22 If groupAddress is empty, all groupAddresses will be matched. + /// IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must + /// be filled with: + /// IGMPQuery int32 = 0x11 + /// IGMPReportV1 int32 = 0x12 + /// IGMPReportV2 int32 = 0x16 + /// IGMPReportV3 int32 = 0x22 + /// If groupAddress is empty, all groupAddresses will be matched. #[serde(default, skip_serializing_if = "Option::is_none")] pub igmp: Option, } -/// ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All fields could be used alone or together. If all fields are not provided, this matches all ICMP traffic. +/// ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All +/// fields could be used alone or together. If all fields are not provided, this +/// matches all ICMP traffic. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressProtocolsIcmp { #[serde(default, skip_serializing_if = "Option::is_none", rename = "icmpCode")] @@ -1212,7 +1764,13 @@ pub struct ResourceExportClusterNetworkPolicyIngressProtocolsIcmp { pub icmp_type: Option, } -/// IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must be filled with: IGMPQuery int32 = 0x11 IGMPReportV1 int32 = 0x12 IGMPReportV2 int32 = 0x16 IGMPReportV3 int32 = 0x22 If groupAddress is empty, all groupAddresses will be matched. +/// IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must +/// be filled with: +/// IGMPQuery int32 = 0x11 +/// IGMPReportV1 int32 = 0x12 +/// IGMPReportV2 int32 = 0x16 +/// IGMPReportV3 int32 = 0x22 +/// If groupAddress is empty, all groupAddresses will be matched. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressProtocolsIgmp { #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupAddress")] @@ -1224,149 +1782,232 @@ pub struct ResourceExportClusterNetworkPolicyIngressProtocolsIgmp { /// NetworkPolicyPeer describes the grouping selector of workloads. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressTo { - /// Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select ExternalEntities from NetworkPolicy's Namespace as workloads + /// in To/From fields. If set with NamespaceSelector, + /// ExternalEntities are matched from Namespaces matched by the + /// NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalEntitySelector")] pub external_entity_selector: Option, - /// Restrict egress access to the Fully Qualified Domain Names prescribed by name or by wildcard match patterns. This field can only be set for NetworkPolicyPeer of egress rules. Supported formats are: Exact FQDNs such as "google.com". Wildcard expressions such as "*wayfair.com". + /// Restrict egress access to the Fully Qualified Domain Names prescribed + /// by name or by wildcard match patterns. This field can only be set for + /// NetworkPolicyPeer of egress rules. + /// Supported formats are: + /// Exact FQDNs such as "google.com". + /// Wildcard expressions such as "*wayfair.com". #[serde(default, skip_serializing_if = "Option::is_none")] pub fqdn: Option, - /// Group is the name of the ClusterGroup which can be set within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector. + /// Group is the name of the ClusterGroup which can be set within + /// an Ingress or Egress rule in place of a stand-alone selector. + /// A Group cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. + /// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. + /// IPBlock cannot be set as part of the AppliedTo field. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipBlock")] pub ip_block: Option, - /// Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. + /// Select all Pods from Namespaces matched by this selector, as + /// workloads in To/From fields. If set with PodSelector, + /// Pods are matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. Cannot be set with Namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector. + /// Select Pod/ExternalEntity from Namespaces matched by specific criteria. + /// Current supported criteria is match: Self, which selects from the same + /// Namespace of the appliedTo workloads. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. This field can only be set when NetworkPolicyPeer + /// is created for ClusterNetworkPolicy ingress/egress rules. + /// Cannot be set with NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option, - /// Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector. + /// Select certain Nodes which match the label selector. + /// A NodeSelector cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, - /// Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select Pods from NetworkPolicy's Namespace as workloads in + /// To/From fields. If set with NamespaceSelector, Pods are + /// matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] pub pod_selector: Option, - /// Define scope of the Pod/NamespaceSelector(s) of this peer. Can only be used in ingress NetworkPolicyPeers. Defaults to "Cluster". + /// Define scope of the Pod/NamespaceSelector(s) of this peer. + /// Can only be used in ingress NetworkPolicyPeers. + /// Defaults to "Cluster". #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector. + /// Select all Pods with the ServiceAccount matched by this field, as + /// workloads in To/From fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, } -/// Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select ExternalEntities from NetworkPolicy's Namespace as workloads +/// in To/From fields. If set with NamespaceSelector, +/// ExternalEntities are matched from Namespaces matched by the +/// NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressToExternalEntitySelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressToExternalEntitySelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. +/// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. +/// IPBlock cannot be set as part of the AppliedTo field. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressToIpBlock { - /// CIDR is a string representing the IP Block Valid examples are "192.168.1.1/24". + /// CIDR is a string representing the IP Block + /// Valid examples are "192.168.1.1/24". pub cidr: String, } -/// Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. +/// Select all Pods from Namespaces matched by this selector, as +/// workloads in To/From fields. If set with PodSelector, +/// Pods are matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. Cannot be set with Namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressToNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressToNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector. +/// Select Pod/ExternalEntity from Namespaces matched by specific criteria. +/// Current supported criteria is match: Self, which selects from the same +/// Namespace of the appliedTo workloads. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. This field can only be set when NetworkPolicyPeer +/// is created for ClusterNetworkPolicy ingress/egress rules. +/// Cannot be set with NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressToNamespaces { /// Selects from the same Namespace of the appliedTo workloads. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option, - /// Selects Namespaces that share the same values for the given set of label keys with the appliedTo Namespace. Namespaces must have all the label keys. + /// Selects Namespaces that share the same values for the given set of label keys + /// with the appliedTo Namespace. Namespaces must have all the label keys. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sameLabels")] pub same_labels: Option>, } -/// Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector. +/// Select certain Nodes which match the label selector. +/// A NodeSelector cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressToNodeSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressToNodeSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select Pods from NetworkPolicy's Namespace as workloads in +/// To/From fields. If set with NamespaceSelector, Pods are +/// matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressToPodSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressToPodSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector. +/// Select all Pods with the ServiceAccount matched by this field, as +/// workloads in To/From fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressToServiceAccount { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1375,7 +2016,8 @@ pub struct ResourceExportClusterNetworkPolicyIngressToServiceAccount { pub namespace: Option, } -/// PeerService refers to a Service, which can be a in-cluster Service or imported multi-cluster service. +/// PeerService refers to a Service, which can be a in-cluster Service or +/// imported multi-cluster service. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportClusterNetworkPolicyIngressToServices { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1393,16 +2035,31 @@ pub struct ResourceExportEndpoints { pub subsets: Option>, } -/// EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given: -/// { Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}], Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}] } -/// The resulting set of endpoints can be viewed as: -/// a: [ 10.10.1.1:8675, 10.10.2.2:8675 ], b: [ 10.10.1.1:309, 10.10.2.2:309 ] +/// EndpointSubset is a group of addresses with a common set of ports. The +/// expanded set of endpoints is the Cartesian product of Addresses x Ports. +/// For example, given: +/// +/// +/// { +/// Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}], +/// Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}] +/// } +/// +/// +/// The resulting set of endpoints can be viewed as: +/// +/// +/// a: [ 10.10.1.1:8675, 10.10.2.2:8675 ], +/// b: [ 10.10.1.1:309, 10.10.2.2:309 ] #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportEndpointsSubsets { - /// IP addresses which offer the related ports that are marked as ready. These endpoints should be considered safe for load balancers and clients to utilize. + /// IP addresses which offer the related ports that are marked as ready. These endpoints + /// should be considered safe for load balancers and clients to utilize. #[serde(default, skip_serializing_if = "Option::is_none")] pub addresses: Option>, - /// IP addresses which offer the related ports but are not currently marked as ready because they have not yet finished starting, have recently failed a readiness check, or have recently failed a liveness check. + /// IP addresses which offer the related ports but are not currently marked as ready + /// because they have not yet finished starting, have recently failed a readiness check, + /// or have recently failed a liveness check. #[serde(default, skip_serializing_if = "Option::is_none", rename = "notReadyAddresses")] pub not_ready_addresses: Option>, /// Port numbers available on the related IP addresses. @@ -1416,7 +2073,9 @@ pub struct ResourceExportEndpointsSubsetsAddresses { /// The Hostname of this endpoint #[serde(default, skip_serializing_if = "Option::is_none")] pub hostname: Option, - /// The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16). + /// The IP of this endpoint. + /// May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), + /// or link-local multicast (224.0.0.0/24 or ff02::/16). pub ip: String, /// Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeName")] @@ -1432,22 +2091,34 @@ pub struct ResourceExportEndpointsSubsetsAddressesTargetRef { /// API version of the referent. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. + /// If referring to a piece of an object instead of an entire object, this string + /// should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + /// For example, if the object reference is to a container within a pod, this would take on a value like: + /// "spec.containers{name}" (where "name" refers to the name of the container that triggered + /// the event) or if no container name is specified "spec.containers[2]" (container with + /// index 2 in this pod). This syntax is chosen only to have some well-defined way of + /// referencing a part of an object. + /// TODO: this design is not final and this field is subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, - /// Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind of the referent. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + /// Namespace of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + /// Specific resourceVersion to which this reference is made, if any. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceVersion")] pub resource_version: Option, - /// UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + /// UID of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids #[serde(default, skip_serializing_if = "Option::is_none")] pub uid: Option, } @@ -1458,7 +2129,9 @@ pub struct ResourceExportEndpointsSubsetsNotReadyAddresses { /// The Hostname of this endpoint #[serde(default, skip_serializing_if = "Option::is_none")] pub hostname: Option, - /// The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16). + /// The IP of this endpoint. + /// May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), + /// or link-local multicast (224.0.0.0/24 or ff02::/16). pub ip: String, /// Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeName")] @@ -1474,22 +2147,34 @@ pub struct ResourceExportEndpointsSubsetsNotReadyAddressesTargetRef { /// API version of the referent. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. + /// If referring to a piece of an object instead of an entire object, this string + /// should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + /// For example, if the object reference is to a container within a pod, this would take on a value like: + /// "spec.containers{name}" (where "name" refers to the name of the container that triggered + /// the event) or if no container name is specified "spec.containers[2]" (container with + /// index 2 in this pod). This syntax is chosen only to have some well-defined way of + /// referencing a part of an object. + /// TODO: this design is not final and this field is subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, - /// Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind of the referent. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + /// Namespace of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + /// Specific resourceVersion to which this reference is made, if any. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceVersion")] pub resource_version: Option, - /// UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + /// UID of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids #[serde(default, skip_serializing_if = "Option::is_none")] pub uid: Option, } @@ -1497,18 +2182,37 @@ pub struct ResourceExportEndpointsSubsetsNotReadyAddressesTargetRef { /// EndpointPort is a tuple that describes a single port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportEndpointsSubsetsPorts { - /// The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either: - /// * Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). - /// * Kubernetes-defined prefixed names: * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 - /// * Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol. + /// The application protocol for this port. + /// This is used as a hint for implementations to offer richer behavior for protocols that they understand. + /// This field follows standard Kubernetes label syntax. + /// Valid values are either: + /// + /// + /// * Un-prefixed protocol names - reserved for IANA standard service names (as per + /// RFC-6335 and https://www.iana.org/assignments/service-names). + /// + /// + /// * Kubernetes-defined prefixed names: + /// * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- + /// * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 + /// * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 + /// + /// + /// * Other protocols should use implementation-defined prefixed names such as + /// mycompany.com/my-custom-protocol. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appProtocol")] pub app_protocol: Option, - /// The name of this port. This must match the 'name' field in the corresponding ServicePort. Must be a DNS_LABEL. Optional only if one port is defined. + /// The name of this port. This must match the 'name' field in the + /// corresponding ServicePort. + /// Must be a DNS_LABEL. + /// Optional only if one port is defined. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// The port number of the endpoint. pub port: i32, - /// The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP. + /// The IP protocol for this port. + /// Must be UDP, TCP, or SCTP. + /// Default is TCP. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } @@ -1527,7 +2231,8 @@ pub struct ResourceExportExternalEntityExternalEntitySpec { /// Endpoints is a list of external endpoints associated with this entity. #[serde(default, skip_serializing_if = "Option::is_none")] pub endpoints: Option>, - /// ExternalNode is the opaque identifier of the agent/controller responsible for additional processing or handling of this external entity. + /// ExternalNode is the opaque identifier of the agent/controller responsible + /// for additional processing or handling of this external entity. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalNode")] pub external_node: Option, /// Ports maintain the list of named ports. @@ -1555,7 +2260,8 @@ pub struct ResourceExportExternalEntityExternalEntitySpecPorts { /// The port on the given protocol. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP. + /// The protocol (TCP, UDP, or SCTP) which traffic must match. + /// If not specified, this field defaults to TCP. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } @@ -1585,63 +2291,210 @@ pub struct ResourceExportService { /// ServiceSpec describes the attributes that a user creates on a service. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportServiceServiceSpec { - /// allocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for services with type LoadBalancer. Default is "true". It may be set to "false" if the cluster load-balancer does not rely on NodePorts. If the caller requests specific NodePorts (by specifying a value), those requests will be respected, regardless of this field. This field may only be set for services with type LoadBalancer and will be cleared if the type is changed to any other type. + /// allocateLoadBalancerNodePorts defines if NodePorts will be automatically + /// allocated for services with type LoadBalancer. Default is "true". It + /// may be set to "false" if the cluster load-balancer does not rely on + /// NodePorts. If the caller requests specific NodePorts (by specifying a + /// value), those requests will be respected, regardless of this field. + /// This field may only be set for services with type LoadBalancer and will + /// be cleared if the type is changed to any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocateLoadBalancerNodePorts")] pub allocate_load_balancer_node_ports: Option, - /// clusterIP is the IP address of the service and is usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be blank) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are "None", empty string (""), or a valid IP address. Setting this to "None" makes a "headless service" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + /// clusterIP is the IP address of the service and is usually assigned + /// randomly. If an address is specified manually, is in-range (as per + /// system configuration), and is not in use, it will be allocated to the + /// service; otherwise creation of the service will fail. This field may not + /// be changed through updates unless the type field is also being changed + /// to ExternalName (which requires this field to be blank) or the type + /// field is being changed from ExternalName (in which case this field may + /// optionally be specified, as describe above). Valid values are "None", + /// empty string (""), or a valid IP address. Setting this to "None" makes a + /// "headless service" (no virtual IP), which is useful when direct endpoint + /// connections are preferred and proxying is not required. Only applies to + /// types ClusterIP, NodePort, and LoadBalancer. If this field is specified + /// when creating a Service of type ExternalName, creation will fail. This + /// field will be wiped when updating a Service to type ExternalName. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterIP")] pub cluster_ip: Option, - /// ClusterIPs is a list of IP addresses assigned to this service, and are usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be empty) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are "None", empty string (""), or a valid IP address. Setting this to "None" makes a "headless service" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. If this field is not specified, it will be initialized from the clusterIP field. If this field is specified, clients must ensure that clusterIPs[0] and clusterIP have the same value. - /// This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + /// ClusterIPs is a list of IP addresses assigned to this service, and are + /// usually assigned randomly. If an address is specified manually, is + /// in-range (as per system configuration), and is not in use, it will be + /// allocated to the service; otherwise creation of the service will fail. + /// This field may not be changed through updates unless the type field is + /// also being changed to ExternalName (which requires this field to be + /// empty) or the type field is being changed from ExternalName (in which + /// case this field may optionally be specified, as describe above). Valid + /// values are "None", empty string (""), or a valid IP address. Setting + /// this to "None" makes a "headless service" (no virtual IP), which is + /// useful when direct endpoint connections are preferred and proxying is + /// not required. Only applies to types ClusterIP, NodePort, and + /// LoadBalancer. If this field is specified when creating a Service of type + /// ExternalName, creation will fail. This field will be wiped when updating + /// a Service to type ExternalName. If this field is not specified, it will + /// be initialized from the clusterIP field. If this field is specified, + /// clients must ensure that clusterIPs[0] and clusterIP have the same + /// value. + /// + /// + /// This field may hold a maximum of two entries (dual-stack IPs, in either order). + /// These IPs must correspond to the values of the ipFamilies field. Both + /// clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterIPs")] pub cluster_i_ps: Option>, - /// externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system. + /// externalIPs is a list of IP addresses for which nodes in the cluster + /// will also accept traffic for this service. These IPs are not managed by + /// Kubernetes. The user is responsible for ensuring that traffic arrives + /// at a node with this IP. A common example is external load-balancers + /// that are not part of the Kubernetes system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalIPs")] pub external_i_ps: Option>, - /// externalName is the external reference that discovery mechanisms will return as an alias for this service (e.g. a DNS CNAME record). No proxying will be involved. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName". + /// externalName is the external reference that discovery mechanisms will + /// return as an alias for this service (e.g. a DNS CNAME record). No + /// proxying will be involved. Must be a lowercase RFC-1123 hostname + /// (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName". #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalName")] pub external_name: Option, - /// externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's "externally-facing" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, "Cluster", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get "Cluster" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node. + /// externalTrafficPolicy describes how nodes distribute service traffic they + /// receive on one of the Service's "externally-facing" addresses (NodePorts, + /// ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure + /// the service in a way that assumes that external load balancers will take care + /// of balancing the service traffic between nodes, and so each node will deliver + /// traffic only to the node-local endpoints of the service, without masquerading + /// the client source IP. (Traffic mistakenly sent to a node with no endpoints will + /// be dropped.) The default value, "Cluster", uses the standard behavior of + /// routing to all endpoints evenly (possibly modified by topology and other + /// features). Note that traffic sent to an External IP or LoadBalancer IP from + /// within the cluster will always get "Cluster" semantics, but clients sending to + /// a NodePort from within the cluster may need to take traffic policy into account + /// when picking a node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalTrafficPolicy")] pub external_traffic_policy: Option, - /// healthCheckNodePort specifies the healthcheck nodePort for the service. This only applies when type is set to LoadBalancer and externalTrafficPolicy is set to Local. If a value is specified, is in-range, and is not in use, it will be used. If not specified, a value will be automatically allocated. External systems (e.g. load-balancers) can use this port to determine if a given node holds endpoints for this service or not. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type). This field cannot be updated once set. + /// healthCheckNodePort specifies the healthcheck nodePort for the service. + /// This only applies when type is set to LoadBalancer and + /// externalTrafficPolicy is set to Local. If a value is specified, is + /// in-range, and is not in use, it will be used. If not specified, a value + /// will be automatically allocated. External systems (e.g. load-balancers) + /// can use this port to determine if a given node holds endpoints for this + /// service or not. If this field is specified when creating a Service + /// which does not need it, creation will fail. This field will be wiped + /// when updating a Service to no longer need it (e.g. changing type). + /// This field cannot be updated once set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthCheckNodePort")] pub health_check_node_port: Option, - /// InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to "Local", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, "Cluster", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). + /// InternalTrafficPolicy describes how nodes distribute service traffic they + /// receive on the ClusterIP. If set to "Local", the proxy will assume that pods + /// only want to talk to endpoints of the service on the same node as the pod, + /// dropping the traffic if there are no local endpoints. The default value, + /// "Cluster", uses the standard behavior of routing to all endpoints evenly + /// (possibly modified by topology and other features). #[serde(default, skip_serializing_if = "Option::is_none", rename = "internalTrafficPolicy")] pub internal_traffic_policy: Option, - /// IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this service. This field is usually assigned automatically based on cluster configuration and the ipFamilyPolicy field. If this field is specified manually, the requested family is available in the cluster, and ipFamilyPolicy allows it, it will be used; otherwise creation of the service will fail. This field is conditionally mutable: it allows for adding or removing a secondary IP family, but it does not allow changing the primary IP family of the Service. Valid values are "IPv4" and "IPv6". This field only applies to Services of types ClusterIP, NodePort, and LoadBalancer, and does apply to "headless" services. This field will be wiped when updating a Service to type ExternalName. - /// This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. + /// IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this + /// service. This field is usually assigned automatically based on cluster + /// configuration and the ipFamilyPolicy field. If this field is specified + /// manually, the requested family is available in the cluster, + /// and ipFamilyPolicy allows it, it will be used; otherwise creation of + /// the service will fail. This field is conditionally mutable: it allows + /// for adding or removing a secondary IP family, but it does not allow + /// changing the primary IP family of the Service. Valid values are "IPv4" + /// and "IPv6". This field only applies to Services of types ClusterIP, + /// NodePort, and LoadBalancer, and does apply to "headless" services. + /// This field will be wiped when updating a Service to type ExternalName. + /// + /// + /// This field may hold a maximum of two entries (dual-stack families, in + /// either order). These families must correspond to the values of the + /// clusterIPs field, if specified. Both clusterIPs and ipFamilies are + /// governed by the ipFamilyPolicy field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamilies")] pub ip_families: Option>, - /// IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be "SingleStack" (a single IP family), "PreferDualStack" (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or "RequireDualStack" (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName. + /// IPFamilyPolicy represents the dual-stack-ness requested or required by + /// this Service. If there is no value provided, then this field will be set + /// to SingleStack. Services can be "SingleStack" (a single IP family), + /// "PreferDualStack" (two IP families on dual-stack configured clusters or + /// a single IP family on single-stack clusters), or "RequireDualStack" + /// (two IP families on dual-stack configured clusters, otherwise fail). The + /// ipFamilies and clusterIPs fields depend on the value of this field. This + /// field will be wiped when updating a service to type ExternalName. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamilyPolicy")] pub ip_family_policy: Option, - /// loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. + /// loadBalancerClass is the class of the load balancer implementation this Service belongs to. + /// If specified, the value of this field must be a label-style identifier, with an optional prefix, + /// e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. + /// This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load + /// balancer implementation is used, today this is typically done through the cloud provider integration, + /// but should apply for any default implementation. If set, it is assumed that a load balancer + /// implementation is watching for Services with a matching class. Any default load balancer + /// implementation (e.g. cloud providers) should ignore Services that set this field. + /// This field can only be set when creating or updating a Service to type 'LoadBalancer'. + /// Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerClass")] pub load_balancer_class: Option, - /// Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations. Using it is non-portable and it may not support dual-stack. Users are encouraged to use implementation-specific annotations when available. + /// Only applies to Service Type: LoadBalancer. + /// This feature depends on whether the underlying cloud-provider supports specifying + /// the loadBalancerIP when a load balancer is created. + /// This field will be ignored if the cloud-provider does not support the feature. + /// Deprecated: This field was under-specified and its meaning varies across implementations. + /// Using it is non-portable and it may not support dual-stack. + /// Users are encouraged to use implementation-specific annotations when available. #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerIP")] pub load_balancer_ip: Option, - /// If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ + /// If specified and supported by the platform, this will restrict traffic through the cloud-provider + /// load-balancer will be restricted to the specified client IPs. This field will be ignored if the + /// cloud-provider does not support the feature." + /// More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerSourceRanges")] pub load_balancer_source_ranges: Option>, - /// The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + /// The list of ports that are exposed by this service. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// publishNotReadyAddresses indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready. The primary use case for setting this field is for a StatefulSet's Headless Service to propagate SRV DNS records for its Pods for the purpose of peer discovery. The Kubernetes controllers that generate Endpoints and EndpointSlice resources for Services interpret this to mean that all endpoints are considered "ready" even if the Pods themselves are not. Agents which consume only Kubernetes generated endpoints through the Endpoints or EndpointSlice resources can safely assume this behavior. + /// publishNotReadyAddresses indicates that any agent which deals with endpoints for this + /// Service should disregard any indications of ready/not-ready. + /// The primary use case for setting this field is for a StatefulSet's Headless Service to + /// propagate SRV DNS records for its Pods for the purpose of peer discovery. + /// The Kubernetes controllers that generate Endpoints and EndpointSlice resources for + /// Services interpret this to mean that all endpoints are considered "ready" even if the + /// Pods themselves are not. Agents which consume only Kubernetes generated endpoints + /// through the Endpoints or EndpointSlice resources can safely assume this behavior. #[serde(default, skip_serializing_if = "Option::is_none", rename = "publishNotReadyAddresses")] pub publish_not_ready_addresses: Option, - /// Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/ + /// Route service traffic to pods with label keys and values matching this + /// selector. If empty or not present, the service is assumed to have an + /// external process managing its endpoints, which Kubernetes will not + /// modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. + /// Ignored if type is ExternalName. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/ #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option>, - /// Supports "ClientIP" and "None". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + /// Supports "ClientIP" and "None". Used to maintain session affinity. + /// Enable client IP based session affinity. + /// Must be ClientIP or None. + /// Defaults to None. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionAffinity")] pub session_affinity: Option, /// sessionAffinityConfig contains the configurations of session affinity. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionAffinityConfig")] pub session_affinity_config: Option, - /// type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. "ClusterIP" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is "None", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. "NodePort" builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. "LoadBalancer" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. "ExternalName" aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types + /// type determines how the Service is exposed. Defaults to ClusterIP. Valid + /// options are ExternalName, ClusterIP, NodePort, and LoadBalancer. + /// "ClusterIP" allocates a cluster-internal IP address for load-balancing + /// to endpoints. Endpoints are determined by the selector or if that is not + /// specified, by manual construction of an Endpoints object or + /// EndpointSlice objects. If clusterIP is "None", no virtual IP is + /// allocated and the endpoints are published as a set of endpoints rather + /// than a virtual IP. + /// "NodePort" builds on ClusterIP and allocates a port on every node which + /// routes to the same endpoints as the clusterIP. + /// "LoadBalancer" builds on NodePort and creates an external load-balancer + /// (if supported in the current cloud) which routes to the same endpoints + /// as the clusterIP. + /// "ExternalName" aliases this service to the specified externalName. + /// Several other fields do not apply to ExternalName services. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -1649,24 +2502,58 @@ pub struct ResourceExportServiceServiceSpec { /// ServicePort contains information on service's port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportServiceServiceSpecPorts { - /// The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either: - /// * Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). - /// * Kubernetes-defined prefixed names: * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 - /// * Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol. + /// The application protocol for this port. + /// This is used as a hint for implementations to offer richer behavior for protocols that they understand. + /// This field follows standard Kubernetes label syntax. + /// Valid values are either: + /// + /// + /// * Un-prefixed protocol names - reserved for IANA standard service names (as per + /// RFC-6335 and https://www.iana.org/assignments/service-names). + /// + /// + /// * Kubernetes-defined prefixed names: + /// * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- + /// * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 + /// * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 + /// + /// + /// * Other protocols should use implementation-defined prefixed names such as + /// mycompany.com/my-custom-protocol. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appProtocol")] pub app_protocol: Option, - /// The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service. + /// The name of this port within the service. This must be a DNS_LABEL. + /// All ports within a ServiceSpec must have unique names. When considering + /// the endpoints for a Service, this must match the 'name' field in the + /// EndpointPort. + /// Optional if only one ServicePort is defined on this service. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + /// The port on each node on which this service is exposed when type is + /// NodePort or LoadBalancer. Usually assigned by the system. If a value is + /// specified, in-range, and not in use it will be used, otherwise the + /// operation will fail. If not specified, a port will be allocated if this + /// Service requires one. If this field is specified when creating a + /// Service which does not need it, creation will fail. This field will be + /// wiped when updating a Service to no longer need it (e.g. changing type + /// from NodePort to ClusterIP). + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePort")] pub node_port: Option, /// The port that will be exposed by this service. pub port: i32, - /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". Default is TCP. + /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". + /// Default is TCP. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, - /// Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service + /// Number or name of the port to access on the pods targeted by the service. + /// Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// If this is a string, it will be looked up as a named port in the + /// target Pod's container ports. If this is not specified, the value + /// of the 'port' field is used (an identity map). + /// This field is ignored for services with clusterIP=None, and should be + /// omitted or set equal to the 'port' field. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPort")] pub target_port: Option, } @@ -1682,7 +2569,9 @@ pub struct ResourceExportServiceServiceSpecSessionAffinityConfig { /// clientIP contains the configurations of Client IP based session affinity. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceExportServiceServiceSpecSessionAffinityConfigClientIp { - /// timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". Default value is 10800(for 3 hours). + /// timeoutSeconds specifies the seconds of ClientIP type session sticky time. + /// The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". + /// Default value is 10800(for 3 hours). #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } diff --git a/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/resourceimports.rs b/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/resourceimports.rs index 87801ec95..a8f2820c1 100644 --- a/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/resourceimports.rs +++ b/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/resourceimports.rs @@ -15,7 +15,8 @@ use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; #[kube(status = "ResourceImportStatus")] #[kube(schema = "disabled")] pub struct ResourceImportSpec { - /// ClusterIDs specifies the member clusters this resource to import to. When not specified, import to all member clusters. + /// ClusterIDs specifies the member clusters this resource to import to. + /// When not specified, import to all member clusters. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterID")] pub cluster_id: Option>, /// If imported resource is ClusterInfo. @@ -88,18 +89,28 @@ pub struct ResourceImportClusterinfoWireGuard { /// If imported resource is AntreaClusterNetworkPolicy. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicy { - /// Select workloads on which the rules will be applied to. Cannot be set in conjunction with AppliedTo in each rule. + /// Select workloads on which the rules will be applied to. Cannot be set in + /// conjunction with AppliedTo in each rule. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appliedTo")] pub applied_to: Option>, - /// Set of egress rules evaluated based on the order in which they are set. Currently Egress rule supports setting the `To` field but not the `From` field within a Rule. + /// Set of egress rules evaluated based on the order in which they are set. + /// Currently Egress rule supports setting the `To` field but not the `From` + /// field within a Rule. #[serde(default, skip_serializing_if = "Option::is_none")] pub egress: Option>, - /// Set of ingress rules evaluated based on the order in which they are set. Currently Ingress rule supports setting the `From` field but not the `To` field within a Rule. + /// Set of ingress rules evaluated based on the order in which they are set. + /// Currently Ingress rule supports setting the `From` field but not the `To` + /// field within a Rule. #[serde(default, skip_serializing_if = "Option::is_none")] pub ingress: Option>, - /// Priority specfies the order of the ClusterNetworkPolicy relative to other AntreaClusterNetworkPolicies. + /// Priority specfies the order of the ClusterNetworkPolicy relative to + /// other AntreaClusterNetworkPolicies. pub priority: f64, - /// Tier specifies the tier to which this ClusterNetworkPolicy belongs to. The ClusterNetworkPolicy order will be determined based on the combination of the Tier's Priority and the ClusterNetworkPolicy's own Priority. If not specified, this policy will be created in the Application Tier right above the K8s NetworkPolicy which resides at the bottom. + /// Tier specifies the tier to which this ClusterNetworkPolicy belongs to. + /// The ClusterNetworkPolicy order will be determined based on the + /// combination of the Tier's Priority and the ClusterNetworkPolicy's own + /// Priority. If not specified, this policy will be created in the Application + /// Tier right above the K8s NetworkPolicy which resides at the bottom. #[serde(default, skip_serializing_if = "Option::is_none")] pub tier: Option, } @@ -107,122 +118,186 @@ pub struct ResourceImportClusternetworkpolicy { /// AppliedTo describes the grouping selector of workloads in AppliedTo field. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyAppliedTo { - /// Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select ExternalEntities from NetworkPolicy's Namespace as workloads + /// in AppliedTo fields. If set with NamespaceSelector, + /// ExternalEntities are matched from Namespaces matched by the + /// NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalEntitySelector")] pub external_entity_selector: Option, - /// Group is the name of the ClusterGroup which can be set as an AppliedTo in place of a stand-alone selector. A Group cannot be set with any other selector. + /// Group is the name of the ClusterGroup which can be set as an + /// AppliedTo in place of a stand-alone selector. A Group cannot + /// be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. + /// Select all Pods from Namespaces matched by this selector, as + /// workloads in AppliedTo fields. If set with PodSelector, + /// Pods are matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. Cannot be set with Namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector. + /// Select Nodes in cluster as workloads in AppliedTo fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, - /// Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select Pods from NetworkPolicy's Namespace as workloads in + /// AppliedTo fields. If set with NamespaceSelector, Pods are + /// matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] pub pod_selector: Option, - /// Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector. + /// Select a certain Service which matches the NamespacedName. + /// A Service can only be set in either policy level AppliedTo field in a policy + /// that only has ingress rules or rule level AppliedTo field in an ingress rule. + /// Only a NodePort Service can be referred by this field. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, - /// Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector. + /// Select all Pods with the ServiceAccount matched by this field, as + /// workloads in AppliedTo fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, } -/// Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select ExternalEntities from NetworkPolicy's Namespace as workloads +/// in AppliedTo fields. If set with NamespaceSelector, +/// ExternalEntities are matched from Namespaces matched by the +/// NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyAppliedToExternalEntitySelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyAppliedToExternalEntitySelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. +/// Select all Pods from Namespaces matched by this selector, as +/// workloads in AppliedTo fields. If set with PodSelector, +/// Pods are matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. Cannot be set with Namespaces. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyAppliedToNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyAppliedToNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector. +/// Select Nodes in cluster as workloads in AppliedTo fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyAppliedToNodeSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyAppliedToNodeSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select Pods from NetworkPolicy's Namespace as workloads in +/// AppliedTo fields. If set with NamespaceSelector, Pods are +/// matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyAppliedToPodSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyAppliedToPodSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector. +/// Select a certain Service which matches the NamespacedName. +/// A Service can only be set in either policy level AppliedTo field in a policy +/// that only has ingress rules or rule level AppliedTo field in an ingress rule. +/// Only a NodePort Service can be referred by this field. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyAppliedToService { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -231,7 +306,9 @@ pub struct ResourceImportClusternetworkpolicyAppliedToService { pub namespace: Option, } -/// Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector. +/// Select all Pods with the ServiceAccount matched by this field, as +/// workloads in AppliedTo fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyAppliedToServiceAccount { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -240,39 +317,60 @@ pub struct ResourceImportClusternetworkpolicyAppliedToServiceAccount { pub namespace: Option, } -/// Rule describes the traffic allowed to/from the workloads selected by Spec.AppliedTo. Based on the action specified in the rule, traffic is either allowed or denied which exactly match the specified ports and protocol. +/// Rule describes the traffic allowed to/from the workloads selected by +/// Spec.AppliedTo. Based on the action specified in the rule, traffic is either +/// allowed or denied which exactly match the specified ports and protocol. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgress { /// Action specifies the action to be applied on the rule. pub action: String, - /// Select workloads on which this rule will be applied to. Cannot be set in conjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo. + /// Select workloads on which this rule will be applied to. Cannot be set in + /// conjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appliedTo")] pub applied_to: Option>, - /// EnableLogging is used to indicate if agent should generate logs when rules are matched. Should be default to false. + /// EnableLogging is used to indicate if agent should generate logs + /// when rules are matched. Should be default to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableLogging")] pub enable_logging: Option, - /// Rule is matched if traffic originates from workloads selected by this field. If this field is empty, this rule matches all sources. + /// Rule is matched if traffic originates from workloads selected by + /// this field. If this field is empty, this rule matches all sources. #[serde(default, skip_serializing_if = "Option::is_none")] pub from: Option>, - /// Set of layer 7 protocols matched by the rule. If this field is set, action can only be Allow. When this field is used in a rule, any traffic matching the other layer 3/4 criteria of the rule (typically the 5-tuple) will be forwarded to an application-aware engine for protocol detection and rule enforcement, and the traffic will be allowed if the layer 7 criteria is also matched, otherwise it will be dropped. Therefore, any rules after a layer 7 rule will not be enforced for the traffic. + /// Set of layer 7 protocols matched by the rule. If this field is set, action can only be Allow. + /// When this field is used in a rule, any traffic matching the other layer 3/4 criteria of the rule (typically the + /// 5-tuple) will be forwarded to an application-aware engine for protocol detection and rule enforcement, and the + /// traffic will be allowed if the layer 7 criteria is also matched, otherwise it will be dropped. Therefore, any + /// rules after a layer 7 rule will not be enforced for the traffic. #[serde(default, skip_serializing_if = "Option::is_none", rename = "l7Protocols")] pub l7_protocols: Option>, /// LogLabel is a user-defined arbitrary string which will be printed in the NetworkPolicy logs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "logLabel")] pub log_label: Option, - /// Name describes the intention of this rule. Name should be unique within the policy. + /// Name describes the intention of this rule. + /// Name should be unique within the policy. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Set of ports and protocols matched by the rule. If this field and Protocols are unset or empty, this rule matches all ports. + /// Set of ports and protocols matched by the rule. If this field and Protocols + /// are unset or empty, this rule matches all ports. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Set of protocols matched by the rule. If this field and Ports are unset or empty, this rule matches all protocols supported. + /// Set of protocols matched by the rule. If this field and Ports are unset or + /// empty, this rule matches all protocols supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocols: Option>, - /// Rule is matched if traffic is intended for workloads selected by this field. This field can't be used with ToServices. If this field and ToServices are both empty or missing this rule matches all destinations. + /// Rule is matched if traffic is intended for workloads selected by + /// this field. This field can't be used with ToServices. If this field + /// and ToServices are both empty or missing this rule matches all destinations. #[serde(default, skip_serializing_if = "Option::is_none")] pub to: Option>, - /// Rule is matched if traffic is intended for a Service listed in this field. Currently, only ClusterIP types Services are supported in this field. When scope is set to ClusterSet, it matches traffic intended for a multi-cluster Service listed in this field. Service name and Namespace provided should match the original exported Service. This field can only be used when AntreaProxy is enabled. This field can't be used with To or Ports. If this field and To are both empty or missing, this rule matches all destinations. + /// Rule is matched if traffic is intended for a Service listed in this field. + /// Currently, only ClusterIP types Services are supported in this field. + /// When scope is set to ClusterSet, it matches traffic intended for a multi-cluster + /// Service listed in this field. Service name and Namespace provided should match + /// the original exported Service. + /// This field can only be used when AntreaProxy is enabled. This field can't be used + /// with To or Ports. If this field and To are both empty or missing, this rule matches + /// all destinations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "toServices")] pub to_services: Option>, } @@ -280,122 +378,186 @@ pub struct ResourceImportClusternetworkpolicyEgress { /// AppliedTo describes the grouping selector of workloads in AppliedTo field. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressAppliedTo { - /// Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select ExternalEntities from NetworkPolicy's Namespace as workloads + /// in AppliedTo fields. If set with NamespaceSelector, + /// ExternalEntities are matched from Namespaces matched by the + /// NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalEntitySelector")] pub external_entity_selector: Option, - /// Group is the name of the ClusterGroup which can be set as an AppliedTo in place of a stand-alone selector. A Group cannot be set with any other selector. + /// Group is the name of the ClusterGroup which can be set as an + /// AppliedTo in place of a stand-alone selector. A Group cannot + /// be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. + /// Select all Pods from Namespaces matched by this selector, as + /// workloads in AppliedTo fields. If set with PodSelector, + /// Pods are matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. Cannot be set with Namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector. + /// Select Nodes in cluster as workloads in AppliedTo fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, - /// Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select Pods from NetworkPolicy's Namespace as workloads in + /// AppliedTo fields. If set with NamespaceSelector, Pods are + /// matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] pub pod_selector: Option, - /// Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector. + /// Select a certain Service which matches the NamespacedName. + /// A Service can only be set in either policy level AppliedTo field in a policy + /// that only has ingress rules or rule level AppliedTo field in an ingress rule. + /// Only a NodePort Service can be referred by this field. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, - /// Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector. + /// Select all Pods with the ServiceAccount matched by this field, as + /// workloads in AppliedTo fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, } -/// Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select ExternalEntities from NetworkPolicy's Namespace as workloads +/// in AppliedTo fields. If set with NamespaceSelector, +/// ExternalEntities are matched from Namespaces matched by the +/// NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressAppliedToExternalEntitySelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressAppliedToExternalEntitySelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. +/// Select all Pods from Namespaces matched by this selector, as +/// workloads in AppliedTo fields. If set with PodSelector, +/// Pods are matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. Cannot be set with Namespaces. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressAppliedToNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressAppliedToNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector. +/// Select Nodes in cluster as workloads in AppliedTo fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressAppliedToNodeSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressAppliedToNodeSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select Pods from NetworkPolicy's Namespace as workloads in +/// AppliedTo fields. If set with NamespaceSelector, Pods are +/// matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressAppliedToPodSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressAppliedToPodSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector. +/// Select a certain Service which matches the NamespacedName. +/// A Service can only be set in either policy level AppliedTo field in a policy +/// that only has ingress rules or rule level AppliedTo field in an ingress rule. +/// Only a NodePort Service can be referred by this field. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressAppliedToService { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -404,7 +566,9 @@ pub struct ResourceImportClusternetworkpolicyEgressAppliedToService { pub namespace: Option, } -/// Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector. +/// Select all Pods with the ServiceAccount matched by this field, as +/// workloads in AppliedTo fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressAppliedToServiceAccount { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -416,149 +580,232 @@ pub struct ResourceImportClusternetworkpolicyEgressAppliedToServiceAccount { /// NetworkPolicyPeer describes the grouping selector of workloads. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressFrom { - /// Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select ExternalEntities from NetworkPolicy's Namespace as workloads + /// in To/From fields. If set with NamespaceSelector, + /// ExternalEntities are matched from Namespaces matched by the + /// NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalEntitySelector")] pub external_entity_selector: Option, - /// Restrict egress access to the Fully Qualified Domain Names prescribed by name or by wildcard match patterns. This field can only be set for NetworkPolicyPeer of egress rules. Supported formats are: Exact FQDNs such as "google.com". Wildcard expressions such as "*wayfair.com". + /// Restrict egress access to the Fully Qualified Domain Names prescribed + /// by name or by wildcard match patterns. This field can only be set for + /// NetworkPolicyPeer of egress rules. + /// Supported formats are: + /// Exact FQDNs such as "google.com". + /// Wildcard expressions such as "*wayfair.com". #[serde(default, skip_serializing_if = "Option::is_none")] pub fqdn: Option, - /// Group is the name of the ClusterGroup which can be set within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector. + /// Group is the name of the ClusterGroup which can be set within + /// an Ingress or Egress rule in place of a stand-alone selector. + /// A Group cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. + /// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. + /// IPBlock cannot be set as part of the AppliedTo field. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipBlock")] pub ip_block: Option, - /// Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. + /// Select all Pods from Namespaces matched by this selector, as + /// workloads in To/From fields. If set with PodSelector, + /// Pods are matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. Cannot be set with Namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector. + /// Select Pod/ExternalEntity from Namespaces matched by specific criteria. + /// Current supported criteria is match: Self, which selects from the same + /// Namespace of the appliedTo workloads. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. This field can only be set when NetworkPolicyPeer + /// is created for ClusterNetworkPolicy ingress/egress rules. + /// Cannot be set with NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option, - /// Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector. + /// Select certain Nodes which match the label selector. + /// A NodeSelector cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, - /// Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select Pods from NetworkPolicy's Namespace as workloads in + /// To/From fields. If set with NamespaceSelector, Pods are + /// matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] pub pod_selector: Option, - /// Define scope of the Pod/NamespaceSelector(s) of this peer. Can only be used in ingress NetworkPolicyPeers. Defaults to "Cluster". + /// Define scope of the Pod/NamespaceSelector(s) of this peer. + /// Can only be used in ingress NetworkPolicyPeers. + /// Defaults to "Cluster". #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector. + /// Select all Pods with the ServiceAccount matched by this field, as + /// workloads in To/From fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, } -/// Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select ExternalEntities from NetworkPolicy's Namespace as workloads +/// in To/From fields. If set with NamespaceSelector, +/// ExternalEntities are matched from Namespaces matched by the +/// NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressFromExternalEntitySelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressFromExternalEntitySelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. +/// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. +/// IPBlock cannot be set as part of the AppliedTo field. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressFromIpBlock { - /// CIDR is a string representing the IP Block Valid examples are "192.168.1.1/24". + /// CIDR is a string representing the IP Block + /// Valid examples are "192.168.1.1/24". pub cidr: String, } -/// Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. +/// Select all Pods from Namespaces matched by this selector, as +/// workloads in To/From fields. If set with PodSelector, +/// Pods are matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. Cannot be set with Namespaces. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressFromNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressFromNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector. +/// Select Pod/ExternalEntity from Namespaces matched by specific criteria. +/// Current supported criteria is match: Self, which selects from the same +/// Namespace of the appliedTo workloads. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. This field can only be set when NetworkPolicyPeer +/// is created for ClusterNetworkPolicy ingress/egress rules. +/// Cannot be set with NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressFromNamespaces { /// Selects from the same Namespace of the appliedTo workloads. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option, - /// Selects Namespaces that share the same values for the given set of label keys with the appliedTo Namespace. Namespaces must have all the label keys. + /// Selects Namespaces that share the same values for the given set of label keys + /// with the appliedTo Namespace. Namespaces must have all the label keys. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sameLabels")] pub same_labels: Option>, } -/// Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector. +/// Select certain Nodes which match the label selector. +/// A NodeSelector cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressFromNodeSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressFromNodeSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select Pods from NetworkPolicy's Namespace as workloads in +/// To/From fields. If set with NamespaceSelector, Pods are +/// matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressFromPodSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressFromPodSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector. +/// Select all Pods with the ServiceAccount matched by this field, as +/// workloads in To/From fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressFromServiceAccount { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -569,21 +816,26 @@ pub struct ResourceImportClusternetworkpolicyEgressFromServiceAccount { #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressL7Protocols { - /// HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. If all fields are not provided, it matches all HTTP requests. + /// HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. + /// If all fields are not provided, it matches all HTTP requests. #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this matches all TLS handshake packets. + /// TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this + /// matches all TLS handshake packets. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, } -/// HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. If all fields are not provided, it matches all HTTP requests. +/// HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. +/// If all fields are not provided, it matches all HTTP requests. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressL7ProtocolsHttp { - /// Host represents the hostname present in the URI or the HTTP Host header to match. It does not contain the port associated with the host. + /// Host represents the hostname present in the URI or the HTTP Host header to match. + /// It does not contain the port associated with the host. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Method represents the HTTP method to match. It could be GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS, CONNECT and PATCH. + /// Method represents the HTTP method to match. + /// It could be GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS, CONNECT and PATCH. #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, /// Path represents the URI path to match (Ex. "/index.html", "/admin"). @@ -591,7 +843,8 @@ pub struct ResourceImportClusternetworkpolicyEgressL7ProtocolsHttp { pub path: Option, } -/// TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this matches all TLS handshake packets. +/// TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this +/// matches all TLS handshake packets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressL7ProtocolsTls { /// SNI (Server Name Indication) indicates the server domain name in the TLS/SSL hello message. @@ -602,35 +855,52 @@ pub struct ResourceImportClusternetworkpolicyEgressL7ProtocolsTls { /// NetworkPolicyPort describes the port and protocol to match in a rule. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressPorts { - /// EndPort defines the end of the port range, inclusive. It can only be specified when a numerical `port` is specified. + /// EndPort defines the end of the port range, inclusive. + /// It can only be specified when a numerical `port` is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endPort")] pub end_port: Option, - /// The port on the given protocol. This can be either a numerical or named port on a Pod. If this field is not provided, this matches all port names and numbers. + /// The port on the given protocol. This can be either a numerical + /// or named port on a Pod. If this field is not provided, this + /// matches all port names and numbers. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP. + /// The protocol (TCP, UDP, or SCTP) which traffic must match. + /// If not specified, this field defaults to TCP. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, - /// SourceEndPort defines the end of the source port range, inclusive. It can only be specified when `sourcePort` is specified. + /// SourceEndPort defines the end of the source port range, inclusive. + /// It can only be specified when `sourcePort` is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceEndPort")] pub source_end_port: Option, - /// The source port on the given protocol. This can only be a numerical port. If this field is not provided, rule matches all source ports. + /// The source port on the given protocol. This can only be a numerical port. + /// If this field is not provided, rule matches all source ports. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourcePort")] pub source_port: Option, } -/// NetworkPolicyProtocol defines additional protocols that are not supported by `ports`. All fields should be used as a standalone field. +/// NetworkPolicyProtocol defines additional protocols that are not supported by +/// `ports`. All fields should be used as a standalone field. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressProtocols { - /// ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All fields could be used alone or together. If all fields are not provided, this matches all ICMP traffic. + /// ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All + /// fields could be used alone or together. If all fields are not provided, this + /// matches all ICMP traffic. #[serde(default, skip_serializing_if = "Option::is_none")] pub icmp: Option, - /// IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must be filled with: IGMPQuery int32 = 0x11 IGMPReportV1 int32 = 0x12 IGMPReportV2 int32 = 0x16 IGMPReportV3 int32 = 0x22 If groupAddress is empty, all groupAddresses will be matched. + /// IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must + /// be filled with: + /// IGMPQuery int32 = 0x11 + /// IGMPReportV1 int32 = 0x12 + /// IGMPReportV2 int32 = 0x16 + /// IGMPReportV3 int32 = 0x22 + /// If groupAddress is empty, all groupAddresses will be matched. #[serde(default, skip_serializing_if = "Option::is_none")] pub igmp: Option, } -/// ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All fields could be used alone or together. If all fields are not provided, this matches all ICMP traffic. +/// ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All +/// fields could be used alone or together. If all fields are not provided, this +/// matches all ICMP traffic. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressProtocolsIcmp { #[serde(default, skip_serializing_if = "Option::is_none", rename = "icmpCode")] @@ -639,7 +909,13 @@ pub struct ResourceImportClusternetworkpolicyEgressProtocolsIcmp { pub icmp_type: Option, } -/// IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must be filled with: IGMPQuery int32 = 0x11 IGMPReportV1 int32 = 0x12 IGMPReportV2 int32 = 0x16 IGMPReportV3 int32 = 0x22 If groupAddress is empty, all groupAddresses will be matched. +/// IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must +/// be filled with: +/// IGMPQuery int32 = 0x11 +/// IGMPReportV1 int32 = 0x12 +/// IGMPReportV2 int32 = 0x16 +/// IGMPReportV3 int32 = 0x22 +/// If groupAddress is empty, all groupAddresses will be matched. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressProtocolsIgmp { #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupAddress")] @@ -651,149 +927,232 @@ pub struct ResourceImportClusternetworkpolicyEgressProtocolsIgmp { /// NetworkPolicyPeer describes the grouping selector of workloads. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressTo { - /// Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select ExternalEntities from NetworkPolicy's Namespace as workloads + /// in To/From fields. If set with NamespaceSelector, + /// ExternalEntities are matched from Namespaces matched by the + /// NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalEntitySelector")] pub external_entity_selector: Option, - /// Restrict egress access to the Fully Qualified Domain Names prescribed by name or by wildcard match patterns. This field can only be set for NetworkPolicyPeer of egress rules. Supported formats are: Exact FQDNs such as "google.com". Wildcard expressions such as "*wayfair.com". + /// Restrict egress access to the Fully Qualified Domain Names prescribed + /// by name or by wildcard match patterns. This field can only be set for + /// NetworkPolicyPeer of egress rules. + /// Supported formats are: + /// Exact FQDNs such as "google.com". + /// Wildcard expressions such as "*wayfair.com". #[serde(default, skip_serializing_if = "Option::is_none")] pub fqdn: Option, - /// Group is the name of the ClusterGroup which can be set within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector. + /// Group is the name of the ClusterGroup which can be set within + /// an Ingress or Egress rule in place of a stand-alone selector. + /// A Group cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. + /// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. + /// IPBlock cannot be set as part of the AppliedTo field. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipBlock")] pub ip_block: Option, - /// Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. + /// Select all Pods from Namespaces matched by this selector, as + /// workloads in To/From fields. If set with PodSelector, + /// Pods are matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. Cannot be set with Namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector. + /// Select Pod/ExternalEntity from Namespaces matched by specific criteria. + /// Current supported criteria is match: Self, which selects from the same + /// Namespace of the appliedTo workloads. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. This field can only be set when NetworkPolicyPeer + /// is created for ClusterNetworkPolicy ingress/egress rules. + /// Cannot be set with NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option, - /// Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector. + /// Select certain Nodes which match the label selector. + /// A NodeSelector cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, - /// Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select Pods from NetworkPolicy's Namespace as workloads in + /// To/From fields. If set with NamespaceSelector, Pods are + /// matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] pub pod_selector: Option, - /// Define scope of the Pod/NamespaceSelector(s) of this peer. Can only be used in ingress NetworkPolicyPeers. Defaults to "Cluster". + /// Define scope of the Pod/NamespaceSelector(s) of this peer. + /// Can only be used in ingress NetworkPolicyPeers. + /// Defaults to "Cluster". #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector. + /// Select all Pods with the ServiceAccount matched by this field, as + /// workloads in To/From fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, } -/// Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select ExternalEntities from NetworkPolicy's Namespace as workloads +/// in To/From fields. If set with NamespaceSelector, +/// ExternalEntities are matched from Namespaces matched by the +/// NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressToExternalEntitySelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressToExternalEntitySelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. +/// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. +/// IPBlock cannot be set as part of the AppliedTo field. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressToIpBlock { - /// CIDR is a string representing the IP Block Valid examples are "192.168.1.1/24". + /// CIDR is a string representing the IP Block + /// Valid examples are "192.168.1.1/24". pub cidr: String, } -/// Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. +/// Select all Pods from Namespaces matched by this selector, as +/// workloads in To/From fields. If set with PodSelector, +/// Pods are matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. Cannot be set with Namespaces. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressToNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressToNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector. +/// Select Pod/ExternalEntity from Namespaces matched by specific criteria. +/// Current supported criteria is match: Self, which selects from the same +/// Namespace of the appliedTo workloads. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. This field can only be set when NetworkPolicyPeer +/// is created for ClusterNetworkPolicy ingress/egress rules. +/// Cannot be set with NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressToNamespaces { /// Selects from the same Namespace of the appliedTo workloads. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option, - /// Selects Namespaces that share the same values for the given set of label keys with the appliedTo Namespace. Namespaces must have all the label keys. + /// Selects Namespaces that share the same values for the given set of label keys + /// with the appliedTo Namespace. Namespaces must have all the label keys. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sameLabels")] pub same_labels: Option>, } -/// Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector. +/// Select certain Nodes which match the label selector. +/// A NodeSelector cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressToNodeSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressToNodeSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select Pods from NetworkPolicy's Namespace as workloads in +/// To/From fields. If set with NamespaceSelector, Pods are +/// matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressToPodSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressToPodSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector. +/// Select all Pods with the ServiceAccount matched by this field, as +/// workloads in To/From fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressToServiceAccount { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -802,7 +1161,8 @@ pub struct ResourceImportClusternetworkpolicyEgressToServiceAccount { pub namespace: Option, } -/// PeerService refers to a Service, which can be a in-cluster Service or imported multi-cluster service. +/// PeerService refers to a Service, which can be a in-cluster Service or +/// imported multi-cluster service. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyEgressToServices { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -813,39 +1173,60 @@ pub struct ResourceImportClusternetworkpolicyEgressToServices { pub scope: Option, } -/// Rule describes the traffic allowed to/from the workloads selected by Spec.AppliedTo. Based on the action specified in the rule, traffic is either allowed or denied which exactly match the specified ports and protocol. +/// Rule describes the traffic allowed to/from the workloads selected by +/// Spec.AppliedTo. Based on the action specified in the rule, traffic is either +/// allowed or denied which exactly match the specified ports and protocol. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngress { /// Action specifies the action to be applied on the rule. pub action: String, - /// Select workloads on which this rule will be applied to. Cannot be set in conjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo. + /// Select workloads on which this rule will be applied to. Cannot be set in + /// conjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appliedTo")] pub applied_to: Option>, - /// EnableLogging is used to indicate if agent should generate logs when rules are matched. Should be default to false. + /// EnableLogging is used to indicate if agent should generate logs + /// when rules are matched. Should be default to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableLogging")] pub enable_logging: Option, - /// Rule is matched if traffic originates from workloads selected by this field. If this field is empty, this rule matches all sources. + /// Rule is matched if traffic originates from workloads selected by + /// this field. If this field is empty, this rule matches all sources. #[serde(default, skip_serializing_if = "Option::is_none")] pub from: Option>, - /// Set of layer 7 protocols matched by the rule. If this field is set, action can only be Allow. When this field is used in a rule, any traffic matching the other layer 3/4 criteria of the rule (typically the 5-tuple) will be forwarded to an application-aware engine for protocol detection and rule enforcement, and the traffic will be allowed if the layer 7 criteria is also matched, otherwise it will be dropped. Therefore, any rules after a layer 7 rule will not be enforced for the traffic. + /// Set of layer 7 protocols matched by the rule. If this field is set, action can only be Allow. + /// When this field is used in a rule, any traffic matching the other layer 3/4 criteria of the rule (typically the + /// 5-tuple) will be forwarded to an application-aware engine for protocol detection and rule enforcement, and the + /// traffic will be allowed if the layer 7 criteria is also matched, otherwise it will be dropped. Therefore, any + /// rules after a layer 7 rule will not be enforced for the traffic. #[serde(default, skip_serializing_if = "Option::is_none", rename = "l7Protocols")] pub l7_protocols: Option>, /// LogLabel is a user-defined arbitrary string which will be printed in the NetworkPolicy logs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "logLabel")] pub log_label: Option, - /// Name describes the intention of this rule. Name should be unique within the policy. + /// Name describes the intention of this rule. + /// Name should be unique within the policy. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Set of ports and protocols matched by the rule. If this field and Protocols are unset or empty, this rule matches all ports. + /// Set of ports and protocols matched by the rule. If this field and Protocols + /// are unset or empty, this rule matches all ports. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Set of protocols matched by the rule. If this field and Ports are unset or empty, this rule matches all protocols supported. + /// Set of protocols matched by the rule. If this field and Ports are unset or + /// empty, this rule matches all protocols supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocols: Option>, - /// Rule is matched if traffic is intended for workloads selected by this field. This field can't be used with ToServices. If this field and ToServices are both empty or missing this rule matches all destinations. + /// Rule is matched if traffic is intended for workloads selected by + /// this field. This field can't be used with ToServices. If this field + /// and ToServices are both empty or missing this rule matches all destinations. #[serde(default, skip_serializing_if = "Option::is_none")] pub to: Option>, - /// Rule is matched if traffic is intended for a Service listed in this field. Currently, only ClusterIP types Services are supported in this field. When scope is set to ClusterSet, it matches traffic intended for a multi-cluster Service listed in this field. Service name and Namespace provided should match the original exported Service. This field can only be used when AntreaProxy is enabled. This field can't be used with To or Ports. If this field and To are both empty or missing, this rule matches all destinations. + /// Rule is matched if traffic is intended for a Service listed in this field. + /// Currently, only ClusterIP types Services are supported in this field. + /// When scope is set to ClusterSet, it matches traffic intended for a multi-cluster + /// Service listed in this field. Service name and Namespace provided should match + /// the original exported Service. + /// This field can only be used when AntreaProxy is enabled. This field can't be used + /// with To or Ports. If this field and To are both empty or missing, this rule matches + /// all destinations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "toServices")] pub to_services: Option>, } @@ -853,122 +1234,186 @@ pub struct ResourceImportClusternetworkpolicyIngress { /// AppliedTo describes the grouping selector of workloads in AppliedTo field. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressAppliedTo { - /// Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select ExternalEntities from NetworkPolicy's Namespace as workloads + /// in AppliedTo fields. If set with NamespaceSelector, + /// ExternalEntities are matched from Namespaces matched by the + /// NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalEntitySelector")] pub external_entity_selector: Option, - /// Group is the name of the ClusterGroup which can be set as an AppliedTo in place of a stand-alone selector. A Group cannot be set with any other selector. + /// Group is the name of the ClusterGroup which can be set as an + /// AppliedTo in place of a stand-alone selector. A Group cannot + /// be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. + /// Select all Pods from Namespaces matched by this selector, as + /// workloads in AppliedTo fields. If set with PodSelector, + /// Pods are matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. Cannot be set with Namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector. + /// Select Nodes in cluster as workloads in AppliedTo fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, - /// Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select Pods from NetworkPolicy's Namespace as workloads in + /// AppliedTo fields. If set with NamespaceSelector, Pods are + /// matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] pub pod_selector: Option, - /// Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector. + /// Select a certain Service which matches the NamespacedName. + /// A Service can only be set in either policy level AppliedTo field in a policy + /// that only has ingress rules or rule level AppliedTo field in an ingress rule. + /// Only a NodePort Service can be referred by this field. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, - /// Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector. + /// Select all Pods with the ServiceAccount matched by this field, as + /// workloads in AppliedTo fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, } -/// Select ExternalEntities from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select ExternalEntities from NetworkPolicy's Namespace as workloads +/// in AppliedTo fields. If set with NamespaceSelector, +/// ExternalEntities are matched from Namespaces matched by the +/// NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressAppliedToExternalEntitySelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressAppliedToExternalEntitySelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. +/// Select all Pods from Namespaces matched by this selector, as +/// workloads in AppliedTo fields. If set with PodSelector, +/// Pods are matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. Cannot be set with Namespaces. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressAppliedToNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressAppliedToNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Nodes in cluster as workloads in AppliedTo fields. Cannot be set with any other selector. +/// Select Nodes in cluster as workloads in AppliedTo fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressAppliedToNodeSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressAppliedToNodeSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pods from NetworkPolicy's Namespace as workloads in AppliedTo fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select Pods from NetworkPolicy's Namespace as workloads in +/// AppliedTo fields. If set with NamespaceSelector, Pods are +/// matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressAppliedToPodSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressAppliedToPodSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select a certain Service which matches the NamespacedName. A Service can only be set in either policy level AppliedTo field in a policy that only has ingress rules or rule level AppliedTo field in an ingress rule. Only a NodePort Service can be referred by this field. Cannot be set with any other selector. +/// Select a certain Service which matches the NamespacedName. +/// A Service can only be set in either policy level AppliedTo field in a policy +/// that only has ingress rules or rule level AppliedTo field in an ingress rule. +/// Only a NodePort Service can be referred by this field. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressAppliedToService { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -977,7 +1422,9 @@ pub struct ResourceImportClusternetworkpolicyIngressAppliedToService { pub namespace: Option, } -/// Select all Pods with the ServiceAccount matched by this field, as workloads in AppliedTo fields. Cannot be set with any other selector. +/// Select all Pods with the ServiceAccount matched by this field, as +/// workloads in AppliedTo fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressAppliedToServiceAccount { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -989,149 +1436,232 @@ pub struct ResourceImportClusternetworkpolicyIngressAppliedToServiceAccount { /// NetworkPolicyPeer describes the grouping selector of workloads. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressFrom { - /// Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select ExternalEntities from NetworkPolicy's Namespace as workloads + /// in To/From fields. If set with NamespaceSelector, + /// ExternalEntities are matched from Namespaces matched by the + /// NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalEntitySelector")] pub external_entity_selector: Option, - /// Restrict egress access to the Fully Qualified Domain Names prescribed by name or by wildcard match patterns. This field can only be set for NetworkPolicyPeer of egress rules. Supported formats are: Exact FQDNs such as "google.com". Wildcard expressions such as "*wayfair.com". + /// Restrict egress access to the Fully Qualified Domain Names prescribed + /// by name or by wildcard match patterns. This field can only be set for + /// NetworkPolicyPeer of egress rules. + /// Supported formats are: + /// Exact FQDNs such as "google.com". + /// Wildcard expressions such as "*wayfair.com". #[serde(default, skip_serializing_if = "Option::is_none")] pub fqdn: Option, - /// Group is the name of the ClusterGroup which can be set within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector. + /// Group is the name of the ClusterGroup which can be set within + /// an Ingress or Egress rule in place of a stand-alone selector. + /// A Group cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. + /// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. + /// IPBlock cannot be set as part of the AppliedTo field. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipBlock")] pub ip_block: Option, - /// Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. + /// Select all Pods from Namespaces matched by this selector, as + /// workloads in To/From fields. If set with PodSelector, + /// Pods are matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. Cannot be set with Namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector. + /// Select Pod/ExternalEntity from Namespaces matched by specific criteria. + /// Current supported criteria is match: Self, which selects from the same + /// Namespace of the appliedTo workloads. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. This field can only be set when NetworkPolicyPeer + /// is created for ClusterNetworkPolicy ingress/egress rules. + /// Cannot be set with NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option, - /// Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector. + /// Select certain Nodes which match the label selector. + /// A NodeSelector cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, - /// Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select Pods from NetworkPolicy's Namespace as workloads in + /// To/From fields. If set with NamespaceSelector, Pods are + /// matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] pub pod_selector: Option, - /// Define scope of the Pod/NamespaceSelector(s) of this peer. Can only be used in ingress NetworkPolicyPeers. Defaults to "Cluster". + /// Define scope of the Pod/NamespaceSelector(s) of this peer. + /// Can only be used in ingress NetworkPolicyPeers. + /// Defaults to "Cluster". #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector. + /// Select all Pods with the ServiceAccount matched by this field, as + /// workloads in To/From fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, } -/// Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select ExternalEntities from NetworkPolicy's Namespace as workloads +/// in To/From fields. If set with NamespaceSelector, +/// ExternalEntities are matched from Namespaces matched by the +/// NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressFromExternalEntitySelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressFromExternalEntitySelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. +/// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. +/// IPBlock cannot be set as part of the AppliedTo field. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressFromIpBlock { - /// CIDR is a string representing the IP Block Valid examples are "192.168.1.1/24". + /// CIDR is a string representing the IP Block + /// Valid examples are "192.168.1.1/24". pub cidr: String, } -/// Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. +/// Select all Pods from Namespaces matched by this selector, as +/// workloads in To/From fields. If set with PodSelector, +/// Pods are matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. Cannot be set with Namespaces. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressFromNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressFromNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector. +/// Select Pod/ExternalEntity from Namespaces matched by specific criteria. +/// Current supported criteria is match: Self, which selects from the same +/// Namespace of the appliedTo workloads. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. This field can only be set when NetworkPolicyPeer +/// is created for ClusterNetworkPolicy ingress/egress rules. +/// Cannot be set with NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressFromNamespaces { /// Selects from the same Namespace of the appliedTo workloads. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option, - /// Selects Namespaces that share the same values for the given set of label keys with the appliedTo Namespace. Namespaces must have all the label keys. + /// Selects Namespaces that share the same values for the given set of label keys + /// with the appliedTo Namespace. Namespaces must have all the label keys. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sameLabels")] pub same_labels: Option>, } -/// Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector. +/// Select certain Nodes which match the label selector. +/// A NodeSelector cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressFromNodeSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressFromNodeSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select Pods from NetworkPolicy's Namespace as workloads in +/// To/From fields. If set with NamespaceSelector, Pods are +/// matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressFromPodSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressFromPodSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector. +/// Select all Pods with the ServiceAccount matched by this field, as +/// workloads in To/From fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressFromServiceAccount { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1142,21 +1672,26 @@ pub struct ResourceImportClusternetworkpolicyIngressFromServiceAccount { #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressL7Protocols { - /// HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. If all fields are not provided, it matches all HTTP requests. + /// HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. + /// If all fields are not provided, it matches all HTTP requests. #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this matches all TLS handshake packets. + /// TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this + /// matches all TLS handshake packets. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, } -/// HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. If all fields are not provided, it matches all HTTP requests. +/// HTTPProtocol matches HTTP requests with specific host, method, and path. All fields could be used alone or together. +/// If all fields are not provided, it matches all HTTP requests. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressL7ProtocolsHttp { - /// Host represents the hostname present in the URI or the HTTP Host header to match. It does not contain the port associated with the host. + /// Host represents the hostname present in the URI or the HTTP Host header to match. + /// It does not contain the port associated with the host. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Method represents the HTTP method to match. It could be GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS, CONNECT and PATCH. + /// Method represents the HTTP method to match. + /// It could be GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS, CONNECT and PATCH. #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, /// Path represents the URI path to match (Ex. "/index.html", "/admin"). @@ -1164,7 +1699,8 @@ pub struct ResourceImportClusternetworkpolicyIngressL7ProtocolsHttp { pub path: Option, } -/// TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this matches all TLS handshake packets. +/// TLSProtocol matches TLS handshake packets with specific SNI. If the field is not provided, this +/// matches all TLS handshake packets. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressL7ProtocolsTls { /// SNI (Server Name Indication) indicates the server domain name in the TLS/SSL hello message. @@ -1175,35 +1711,52 @@ pub struct ResourceImportClusternetworkpolicyIngressL7ProtocolsTls { /// NetworkPolicyPort describes the port and protocol to match in a rule. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressPorts { - /// EndPort defines the end of the port range, inclusive. It can only be specified when a numerical `port` is specified. + /// EndPort defines the end of the port range, inclusive. + /// It can only be specified when a numerical `port` is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endPort")] pub end_port: Option, - /// The port on the given protocol. This can be either a numerical or named port on a Pod. If this field is not provided, this matches all port names and numbers. + /// The port on the given protocol. This can be either a numerical + /// or named port on a Pod. If this field is not provided, this + /// matches all port names and numbers. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP. + /// The protocol (TCP, UDP, or SCTP) which traffic must match. + /// If not specified, this field defaults to TCP. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, - /// SourceEndPort defines the end of the source port range, inclusive. It can only be specified when `sourcePort` is specified. + /// SourceEndPort defines the end of the source port range, inclusive. + /// It can only be specified when `sourcePort` is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceEndPort")] pub source_end_port: Option, - /// The source port on the given protocol. This can only be a numerical port. If this field is not provided, rule matches all source ports. + /// The source port on the given protocol. This can only be a numerical port. + /// If this field is not provided, rule matches all source ports. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourcePort")] pub source_port: Option, } -/// NetworkPolicyProtocol defines additional protocols that are not supported by `ports`. All fields should be used as a standalone field. +/// NetworkPolicyProtocol defines additional protocols that are not supported by +/// `ports`. All fields should be used as a standalone field. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressProtocols { - /// ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All fields could be used alone or together. If all fields are not provided, this matches all ICMP traffic. + /// ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All + /// fields could be used alone or together. If all fields are not provided, this + /// matches all ICMP traffic. #[serde(default, skip_serializing_if = "Option::is_none")] pub icmp: Option, - /// IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must be filled with: IGMPQuery int32 = 0x11 IGMPReportV1 int32 = 0x12 IGMPReportV2 int32 = 0x16 IGMPReportV3 int32 = 0x22 If groupAddress is empty, all groupAddresses will be matched. + /// IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must + /// be filled with: + /// IGMPQuery int32 = 0x11 + /// IGMPReportV1 int32 = 0x12 + /// IGMPReportV2 int32 = 0x16 + /// IGMPReportV3 int32 = 0x22 + /// If groupAddress is empty, all groupAddresses will be matched. #[serde(default, skip_serializing_if = "Option::is_none")] pub igmp: Option, } -/// ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All fields could be used alone or together. If all fields are not provided, this matches all ICMP traffic. +/// ICMPProtocol matches ICMP traffic with specific ICMPType and/or ICMPCode. All +/// fields could be used alone or together. If all fields are not provided, this +/// matches all ICMP traffic. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressProtocolsIcmp { #[serde(default, skip_serializing_if = "Option::is_none", rename = "icmpCode")] @@ -1212,7 +1765,13 @@ pub struct ResourceImportClusternetworkpolicyIngressProtocolsIcmp { pub icmp_type: Option, } -/// IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must be filled with: IGMPQuery int32 = 0x11 IGMPReportV1 int32 = 0x12 IGMPReportV2 int32 = 0x16 IGMPReportV3 int32 = 0x22 If groupAddress is empty, all groupAddresses will be matched. +/// IGMPProtocol matches IGMP traffic with IGMPType and GroupAddress. IGMPType must +/// be filled with: +/// IGMPQuery int32 = 0x11 +/// IGMPReportV1 int32 = 0x12 +/// IGMPReportV2 int32 = 0x16 +/// IGMPReportV3 int32 = 0x22 +/// If groupAddress is empty, all groupAddresses will be matched. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressProtocolsIgmp { #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupAddress")] @@ -1224,149 +1783,232 @@ pub struct ResourceImportClusternetworkpolicyIngressProtocolsIgmp { /// NetworkPolicyPeer describes the grouping selector of workloads. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressTo { - /// Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select ExternalEntities from NetworkPolicy's Namespace as workloads + /// in To/From fields. If set with NamespaceSelector, + /// ExternalEntities are matched from Namespaces matched by the + /// NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalEntitySelector")] pub external_entity_selector: Option, - /// Restrict egress access to the Fully Qualified Domain Names prescribed by name or by wildcard match patterns. This field can only be set for NetworkPolicyPeer of egress rules. Supported formats are: Exact FQDNs such as "google.com". Wildcard expressions such as "*wayfair.com". + /// Restrict egress access to the Fully Qualified Domain Names prescribed + /// by name or by wildcard match patterns. This field can only be set for + /// NetworkPolicyPeer of egress rules. + /// Supported formats are: + /// Exact FQDNs such as "google.com". + /// Wildcard expressions such as "*wayfair.com". #[serde(default, skip_serializing_if = "Option::is_none")] pub fqdn: Option, - /// Group is the name of the ClusterGroup which can be set within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector. + /// Group is the name of the ClusterGroup which can be set within + /// an Ingress or Egress rule in place of a stand-alone selector. + /// A Group cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. + /// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. + /// IPBlock cannot be set as part of the AppliedTo field. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipBlock")] pub ip_block: Option, - /// Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. + /// Select all Pods from Namespaces matched by this selector, as + /// workloads in To/From fields. If set with PodSelector, + /// Pods are matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. Cannot be set with Namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector. + /// Select Pod/ExternalEntity from Namespaces matched by specific criteria. + /// Current supported criteria is match: Self, which selects from the same + /// Namespace of the appliedTo workloads. + /// Cannot be set with any other selector except PodSelector or + /// ExternalEntitySelector. This field can only be set when NetworkPolicyPeer + /// is created for ClusterNetworkPolicy ingress/egress rules. + /// Cannot be set with NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option, - /// Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector. + /// Select certain Nodes which match the label selector. + /// A NodeSelector cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, - /// Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. + /// Select Pods from NetworkPolicy's Namespace as workloads in + /// To/From fields. If set with NamespaceSelector, Pods are + /// matched from Namespaces matched by the NamespaceSelector. + /// Cannot be set with any other selector except NamespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] pub pod_selector: Option, - /// Define scope of the Pod/NamespaceSelector(s) of this peer. Can only be used in ingress NetworkPolicyPeers. Defaults to "Cluster". + /// Define scope of the Pod/NamespaceSelector(s) of this peer. + /// Can only be used in ingress NetworkPolicyPeers. + /// Defaults to "Cluster". #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector. + /// Select all Pods with the ServiceAccount matched by this field, as + /// workloads in To/From fields. + /// Cannot be set with any other selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, } -/// Select ExternalEntities from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select ExternalEntities from NetworkPolicy's Namespace as workloads +/// in To/From fields. If set with NamespaceSelector, +/// ExternalEntities are matched from Namespaces matched by the +/// NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressToExternalEntitySelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressToExternalEntitySelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. +/// IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. +/// IPBlock cannot be set as part of the AppliedTo field. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressToIpBlock { - /// CIDR is a string representing the IP Block Valid examples are "192.168.1.1/24". + /// CIDR is a string representing the IP Block + /// Valid examples are "192.168.1.1/24". pub cidr: String, } -/// Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. +/// Select all Pods from Namespaces matched by this selector, as +/// workloads in To/From fields. If set with PodSelector, +/// Pods are matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. Cannot be set with Namespaces. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressToNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressToNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pod/ExternalEntity from Namespaces matched by specific criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector. +/// Select Pod/ExternalEntity from Namespaces matched by specific criteria. +/// Current supported criteria is match: Self, which selects from the same +/// Namespace of the appliedTo workloads. +/// Cannot be set with any other selector except PodSelector or +/// ExternalEntitySelector. This field can only be set when NetworkPolicyPeer +/// is created for ClusterNetworkPolicy ingress/egress rules. +/// Cannot be set with NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressToNamespaces { /// Selects from the same Namespace of the appliedTo workloads. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option, - /// Selects Namespaces that share the same values for the given set of label keys with the appliedTo Namespace. Namespaces must have all the label keys. + /// Selects Namespaces that share the same values for the given set of label keys + /// with the appliedTo Namespace. Namespaces must have all the label keys. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sameLabels")] pub same_labels: Option>, } -/// Select certain Nodes which match the label selector. A NodeSelector cannot be set with any other selector. +/// Select certain Nodes which match the label selector. +/// A NodeSelector cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressToNodeSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressToNodeSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select Pods from NetworkPolicy's Namespace as workloads in To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. +/// Select Pods from NetworkPolicy's Namespace as workloads in +/// To/From fields. If set with NamespaceSelector, Pods are +/// matched from Namespaces matched by the NamespaceSelector. +/// Cannot be set with any other selector except NamespaceSelector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressToPodSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressToPodSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Select all Pods with the ServiceAccount matched by this field, as workloads in To/From fields. Cannot be set with any other selector. +/// Select all Pods with the ServiceAccount matched by this field, as +/// workloads in To/From fields. +/// Cannot be set with any other selector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressToServiceAccount { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1375,7 +2017,8 @@ pub struct ResourceImportClusternetworkpolicyIngressToServiceAccount { pub namespace: Option, } -/// PeerService refers to a Service, which can be a in-cluster Service or imported multi-cluster service. +/// PeerService refers to a Service, which can be a in-cluster Service or +/// imported multi-cluster service. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportClusternetworkpolicyIngressToServices { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1393,16 +2036,31 @@ pub struct ResourceImportEndpoints { pub subsets: Option>, } -/// EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given: -/// { Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}], Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}] } -/// The resulting set of endpoints can be viewed as: -/// a: [ 10.10.1.1:8675, 10.10.2.2:8675 ], b: [ 10.10.1.1:309, 10.10.2.2:309 ] +/// EndpointSubset is a group of addresses with a common set of ports. The +/// expanded set of endpoints is the Cartesian product of Addresses x Ports. +/// For example, given: +/// +/// +/// { +/// Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}], +/// Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}] +/// } +/// +/// +/// The resulting set of endpoints can be viewed as: +/// +/// +/// a: [ 10.10.1.1:8675, 10.10.2.2:8675 ], +/// b: [ 10.10.1.1:309, 10.10.2.2:309 ] #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportEndpointsSubsets { - /// IP addresses which offer the related ports that are marked as ready. These endpoints should be considered safe for load balancers and clients to utilize. + /// IP addresses which offer the related ports that are marked as ready. These endpoints + /// should be considered safe for load balancers and clients to utilize. #[serde(default, skip_serializing_if = "Option::is_none")] pub addresses: Option>, - /// IP addresses which offer the related ports but are not currently marked as ready because they have not yet finished starting, have recently failed a readiness check, or have recently failed a liveness check. + /// IP addresses which offer the related ports but are not currently marked as ready + /// because they have not yet finished starting, have recently failed a readiness check, + /// or have recently failed a liveness check. #[serde(default, skip_serializing_if = "Option::is_none", rename = "notReadyAddresses")] pub not_ready_addresses: Option>, /// Port numbers available on the related IP addresses. @@ -1416,7 +2074,9 @@ pub struct ResourceImportEndpointsSubsetsAddresses { /// The Hostname of this endpoint #[serde(default, skip_serializing_if = "Option::is_none")] pub hostname: Option, - /// The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16). + /// The IP of this endpoint. + /// May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), + /// or link-local multicast (224.0.0.0/24 or ff02::/16). pub ip: String, /// Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeName")] @@ -1432,22 +2092,34 @@ pub struct ResourceImportEndpointsSubsetsAddressesTargetRef { /// API version of the referent. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. + /// If referring to a piece of an object instead of an entire object, this string + /// should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + /// For example, if the object reference is to a container within a pod, this would take on a value like: + /// "spec.containers{name}" (where "name" refers to the name of the container that triggered + /// the event) or if no container name is specified "spec.containers[2]" (container with + /// index 2 in this pod). This syntax is chosen only to have some well-defined way of + /// referencing a part of an object. + /// TODO: this design is not final and this field is subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, - /// Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind of the referent. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + /// Namespace of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + /// Specific resourceVersion to which this reference is made, if any. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceVersion")] pub resource_version: Option, - /// UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + /// UID of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids #[serde(default, skip_serializing_if = "Option::is_none")] pub uid: Option, } @@ -1458,7 +2130,9 @@ pub struct ResourceImportEndpointsSubsetsNotReadyAddresses { /// The Hostname of this endpoint #[serde(default, skip_serializing_if = "Option::is_none")] pub hostname: Option, - /// The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16). + /// The IP of this endpoint. + /// May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), + /// or link-local multicast (224.0.0.0/24 or ff02::/16). pub ip: String, /// Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeName")] @@ -1474,22 +2148,34 @@ pub struct ResourceImportEndpointsSubsetsNotReadyAddressesTargetRef { /// API version of the referent. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. + /// If referring to a piece of an object instead of an entire object, this string + /// should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + /// For example, if the object reference is to a container within a pod, this would take on a value like: + /// "spec.containers{name}" (where "name" refers to the name of the container that triggered + /// the event) or if no container name is specified "spec.containers[2]" (container with + /// index 2 in this pod). This syntax is chosen only to have some well-defined way of + /// referencing a part of an object. + /// TODO: this design is not final and this field is subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, - /// Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind of the referent. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + /// Namespace of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + /// Specific resourceVersion to which this reference is made, if any. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceVersion")] pub resource_version: Option, - /// UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + /// UID of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids #[serde(default, skip_serializing_if = "Option::is_none")] pub uid: Option, } @@ -1497,18 +2183,37 @@ pub struct ResourceImportEndpointsSubsetsNotReadyAddressesTargetRef { /// EndpointPort is a tuple that describes a single port. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportEndpointsSubsetsPorts { - /// The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either: - /// * Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). - /// * Kubernetes-defined prefixed names: * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 - /// * Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol. + /// The application protocol for this port. + /// This is used as a hint for implementations to offer richer behavior for protocols that they understand. + /// This field follows standard Kubernetes label syntax. + /// Valid values are either: + /// + /// + /// * Un-prefixed protocol names - reserved for IANA standard service names (as per + /// RFC-6335 and https://www.iana.org/assignments/service-names). + /// + /// + /// * Kubernetes-defined prefixed names: + /// * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- + /// * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 + /// * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 + /// + /// + /// * Other protocols should use implementation-defined prefixed names such as + /// mycompany.com/my-custom-protocol. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appProtocol")] pub app_protocol: Option, - /// The name of this port. This must match the 'name' field in the corresponding ServicePort. Must be a DNS_LABEL. Optional only if one port is defined. + /// The name of this port. This must match the 'name' field in the + /// corresponding ServicePort. + /// Must be a DNS_LABEL. + /// Optional only if one port is defined. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// The port number of the endpoint. pub port: i32, - /// The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP. + /// The IP protocol for this port. + /// Must be UDP, TCP, or SCTP. + /// Default is TCP. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } @@ -1527,7 +2232,8 @@ pub struct ResourceImportExternalentityExternalentityspec { /// Endpoints is a list of external endpoints associated with this entity. #[serde(default, skip_serializing_if = "Option::is_none")] pub endpoints: Option>, - /// ExternalNode is the opaque identifier of the agent/controller responsible for additional processing or handling of this external entity. + /// ExternalNode is the opaque identifier of the agent/controller responsible + /// for additional processing or handling of this external entity. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalNode")] pub external_node: Option, /// Ports maintain the list of named ports. @@ -1555,7 +2261,8 @@ pub struct ResourceImportExternalentityExternalentityspecPorts { /// The port on the given protocol. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP. + /// The protocol (TCP, UDP, or SCTP) which traffic must match. + /// If not specified, this field defaults to TCP. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } @@ -1566,7 +2273,9 @@ pub struct ResourceImportLabelIdentity { /// ID is the ID allocated for the label identity by the leader cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, - /// Label is the normalized string of a label identity. The format of normalized label identity is `ns:(?P(.)*)&pod:(?P(.)*)` E.g., `ns:kubernetes.io/metadata.name=kube-system&pod:app=db` + /// Label is the normalized string of a label identity. + /// The format of normalized label identity is `ns:(?P(.)*)&pod:(?P(.)*)` + /// E.g., `ns:kubernetes.io/metadata.name=kube-system&pod:app=db` #[serde(default, skip_serializing_if = "Option::is_none")] pub label: Option, } @@ -1581,10 +2290,17 @@ pub struct ResourceImportRaw { /// If imported resource is ServiceImport. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportServiceImport { - /// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + /// APIVersion defines the versioned schema of this representation of an object. + /// Servers should convert recognized schemas to the latest internal value, and + /// may reject unrecognized values. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind is a string value representing the REST resource this object represents. + /// Servers may infer this from the endpoint the client submits requests to. + /// Cannot be updated. + /// In CamelCase. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1592,7 +2308,8 @@ pub struct ResourceImportServiceImport { /// spec defines the behavior of a ServiceImport. #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, - /// status contains information about the exported services that form the multi-cluster service referenced by this ServiceImport. + /// status contains information about the exported services that form + /// the multi-cluster service referenced by this ServiceImport. #[serde(default, skip_serializing_if = "Option::is_none")] pub status: Option, } @@ -1608,13 +2325,19 @@ pub struct ResourceImportServiceImportSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub ips: Option>, pub ports: Vec, - /// Supports "ClientIP" and "None". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. Ignored when type is Headless More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + /// Supports "ClientIP" and "None". Used to maintain session affinity. + /// Enable client IP based session affinity. + /// Must be ClientIP or None. + /// Defaults to None. + /// Ignored when type is Headless + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionAffinity")] pub session_affinity: Option, /// sessionAffinityConfig contains session affinity configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionAffinityConfig")] pub session_affinity_config: Option, - /// type defines the type of this service. Must be ClusterSetIP or Headless. + /// type defines the type of this service. + /// Must be ClusterSetIP or Headless. #[serde(rename = "type")] pub r#type: ResourceImportServiceImportSpecType, } @@ -1622,15 +2345,26 @@ pub struct ResourceImportServiceImportSpec { /// ServicePort represents the port on which the service is exposed #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportServiceImportSpecPorts { - /// The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and http://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol. Field can be enabled with ServiceAppProtocol feature gate. + /// The application protocol for this port. + /// This field follows standard Kubernetes label syntax. + /// Un-prefixed names are reserved for IANA standard service names (as per + /// RFC-6335 and http://www.iana.org/assignments/service-names). + /// Non-standard protocols should use prefixed names such as + /// mycompany.com/my-custom-protocol. + /// Field can be enabled with ServiceAppProtocol feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appProtocol")] pub app_protocol: Option, - /// The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service. + /// The name of this port within the service. This must be a DNS_LABEL. + /// All ports within a ServiceSpec must have unique names. When considering + /// the endpoints for a Service, this must match the 'name' field in the + /// EndpointPort. + /// Optional if only one ServicePort is defined on this service. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// The port that will be exposed by this service. pub port: i32, - /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". Default is TCP. + /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". + /// Default is TCP. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } @@ -1646,7 +2380,9 @@ pub struct ResourceImportServiceImportSpecSessionAffinityConfig { /// clientIP contains the configurations of Client IP based session affinity. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportServiceImportSpecSessionAffinityConfigClientIp { - /// timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". Default value is 10800(for 3 hours). + /// timeoutSeconds specifies the seconds of ClientIP type session sticky time. + /// The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". + /// Default value is 10800(for 3 hours). #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1659,10 +2395,12 @@ pub enum ResourceImportServiceImportSpecType { Headless, } -/// status contains information about the exported services that form the multi-cluster service referenced by this ServiceImport. +/// status contains information about the exported services that form +/// the multi-cluster service referenced by this ServiceImport. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportServiceImportStatus { - /// clusters is the list of exporting clusters from which this service was derived. + /// clusters is the list of exporting clusters from which this service + /// was derived. #[serde(default, skip_serializing_if = "Option::is_none")] pub clusters: Option>, } @@ -1670,7 +2408,8 @@ pub struct ResourceImportServiceImportStatus { /// ClusterStatus contains service configuration mapped to a specific source cluster #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ResourceImportServiceImportStatusClusters { - /// cluster is the name of the exporting cluster. Must be a valid RFC-1123 DNS label. + /// cluster is the name of the exporting cluster. Must be a valid RFC-1123 DNS + /// label. pub cluster: String, } diff --git a/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha2/clustersets.rs b/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha2/clustersets.rs index 58c853028..590e7956e 100644 --- a/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha2/clustersets.rs +++ b/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha2/clustersets.rs @@ -18,7 +18,8 @@ pub struct ClusterSetSpec { pub cluster_id: String, /// Leaders include leader clusters known to the member clusters. pub leaders: Vec, - /// The leader cluster Namespace in which the ClusterSet is defined. Used in a member cluster. + /// The leader cluster Namespace in which the ClusterSet is defined. + /// Used in a member cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -29,10 +30,12 @@ pub struct ClusterSetLeaders { /// Identify a leader cluster in the ClusterSet. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterID")] pub cluster_id: Option, - /// Name of the Secret resource in the member cluster, which stores the token to access the leader cluster's API server. + /// Name of the Secret resource in the member cluster, which stores + /// the token to access the leader cluster's API server. #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, - /// API server endpoint of the leader cluster. E.g. "https://172.18.0.1:6443", "https://example.com:6443". + /// API server endpoint of the leader cluster. + /// E.g. "https://172.18.0.1:6443", "https://example.com:6443". #[serde(default, skip_serializing_if = "Option::is_none")] pub server: Option, } diff --git a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1/assign.rs b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1/assign.rs index 2aad0775c..fc7b0aa76 100644 --- a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1/assign.rs +++ b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1/assign.rs @@ -13,13 +13,17 @@ use std::collections::HashMap; #[kube(status = "AssignStatus")] #[kube(schema = "disabled")] pub struct AssignSpec { - /// ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. This is necessary because every mutation implies part of an object schema and object schemas are associated with specific GVKs. + /// ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. + /// This is necessary because every mutation implies part of an object schema and object + /// schemas are associated with specific GVKs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "applyTo")] pub apply_to: Option>, /// Location describes the path to be mutated, for example: `spec.containers[name: main]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub location: Option, - /// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. + /// Match allows the user to limit which resources get mutated. + /// Individual match criteria are AND-ed together. An undefined + /// match criteria matches everything. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option, /// Parameters define the behavior of the mutator. @@ -27,7 +31,8 @@ pub struct AssignSpec { pub parameters: Option, } -/// ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed. +/// ApplyTo determines what GVKs items the mutation should apply to. +/// Globs are not allowed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignApplyTo { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -38,91 +43,141 @@ pub struct AssignApplyTo { pub versions: Option>, } -/// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. +/// Match allows the user to limit which resources get mutated. +/// Individual match criteria are AND-ed together. An undefined +/// match criteria matches everything. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatch { - /// ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// ExcludedNamespaces is a list of namespace names. If defined, a + /// constraint only applies to resources not in a listed namespace. + /// ExcludedNamespaces also supports a prefix or suffix based glob. For example, + /// `excludedNamespaces: [kube-*]` matches both `kube-system` and + /// `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and + /// `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludedNamespaces")] pub excluded_namespaces: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, - /// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. + /// LabelSelector is the combination of two optional fields: `matchLabels` + /// and `matchExpressions`. These two fields provide different methods of + /// selecting or excluding k8s objects based on the label keys and values + /// included in object metadata. All selection expressions from both + /// sections are ANDed to determine if an object meets the cumulative + /// requirements of the selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. + /// Name is the name of an object. If defined, it will match against objects with the specified + /// name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match + /// both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. + /// NamespaceSelector is a label selector against an object's containing + /// namespace or the object itself, if the object is a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// Namespaces is a list of namespace names. If defined, a constraint only + /// applies to resources in a listed namespace. Namespaces also supports a + /// prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both + /// `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both + /// `kube-system` and `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) + /// Scope determines if cluster-scoped and/or namespaced-scoped resources + /// are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources. + /// Source determines whether generated or original resources are matched. + /// Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of + /// `Generated` will only match generated resources, while `Original` will only + /// match regular resources. #[serde(default, skip_serializing_if = "Option::is_none")] pub source: Option, } -/// Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope. +/// Kinds accepts a list of objects with apiGroups and kinds fields +/// that list the groups/kinds of objects to which the mutation will apply. +/// If multiple groups/kinds objects are specified, +/// only one match is needed for the resource to be in scope. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatchKinds { - /// APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required. + /// APIGroups is the API groups the resources belong to. '*' is all groups. + /// If '*' is present, the length of the slice must be one. + /// Required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroups")] pub api_groups: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, } -/// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. +/// LabelSelector is the combination of two optional fields: `matchLabels` +/// and `matchExpressions`. These two fields provide different methods of +/// selecting or excluding k8s objects based on the label keys and values +/// included in object metadata. All selection expressions from both +/// sections are ANDed to determine if an object meets the cumulative +/// requirements of the selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatchLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatchLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. +/// NamespaceSelector is a label selector against an object's containing +/// namespace or the object itself, if the object is a namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatchNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatchNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. +/// Match allows the user to limit which resources get mutated. +/// Individual match criteria are AND-ed together. An undefined +/// match criteria matches everything. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum AssignMatchSource { All, @@ -157,13 +212,16 @@ pub struct AssignParametersAssign { /// ExternalData describes the external data provider to be used for mutation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignParametersAssignExternalData { - /// DataSource specifies where to extract the data that will be sent to the external data provider as parameters. + /// DataSource specifies where to extract the data that will be sent + /// to the external data provider as parameters. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// Default specifies the default value to use when the external data provider returns an error and the failure policy is set to "UseDefault". + /// Default specifies the default value to use when the external data + /// provider returns an error and the failure policy is set to "UseDefault". #[serde(default, skip_serializing_if = "Option::is_none")] pub default: Option, - /// FailurePolicy specifies the policy to apply when the external data provider returns an error. + /// FailurePolicy specifies the policy to apply when the external data + /// provider returns an error. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failurePolicy")] pub failure_policy: Option, /// Provider is the name of the external data provider. @@ -194,8 +252,17 @@ pub struct AssignParametersAssignFromMetadata { pub field: Option, } -/// PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. -/// Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate. +/// PathTest allows the user to customize how the mutation works if parent +/// paths are missing. It traverses the list in order. All sub paths are +/// tested against the provided condition, if the test fails, the mutation is +/// not applied. All `subPath` entries must be a prefix of `location`. Any +/// glob characters will take on the same value as was used to +/// expand the matching glob in `location`. +/// +/// +/// Available Tests: +/// * MustExist - the path must exist or do not mutate +/// * MustNotExist - the path must not exist or do not mutate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignParametersPathTests { /// Condition describes whether the path either MustExist or MustNotExist in the original object @@ -205,8 +272,17 @@ pub struct AssignParametersPathTests { pub sub_path: Option, } -/// PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. -/// Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate. +/// PathTest allows the user to customize how the mutation works if parent +/// paths are missing. It traverses the list in order. All sub paths are +/// tested against the provided condition, if the test fails, the mutation is +/// not applied. All `subPath` entries must be a prefix of `location`. Any +/// glob characters will take on the same value as was used to +/// expand the matching glob in `location`. +/// +/// +/// Available Tests: +/// * MustExist - the path must exist or do not mutate +/// * MustNotExist - the path must not exist or do not mutate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum AssignParametersPathTestsCondition { MustExist, @@ -229,7 +305,9 @@ pub struct AssignStatusByPod { pub errors: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, - /// Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch + /// Storing the mutator UID allows us to detect drift, such as + /// when a mutator has been recreated after its CRD was deleted + /// out from under it, interrupting the watch #[serde(default, skip_serializing_if = "Option::is_none", rename = "mutatorUID")] pub mutator_uid: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] @@ -242,7 +320,8 @@ pub struct AssignStatusByPod { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignStatusByPodErrors { pub message: String, - /// Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type. + /// Type indicates a specific class of error for use by controller code. + /// If not present, the error should be treated as not matching any known type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } diff --git a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1/assignmetadata.rs b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1/assignmetadata.rs index 48fe1b2da..1c2c37a85 100644 --- a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1/assignmetadata.rs +++ b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1/assignmetadata.rs @@ -25,83 +25,129 @@ pub struct AssignMetadataSpec { /// Match selects which objects are in scope. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatch { - /// ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// ExcludedNamespaces is a list of namespace names. If defined, a + /// constraint only applies to resources not in a listed namespace. + /// ExcludedNamespaces also supports a prefix or suffix based glob. For example, + /// `excludedNamespaces: [kube-*]` matches both `kube-system` and + /// `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and + /// `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludedNamespaces")] pub excluded_namespaces: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, - /// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. + /// LabelSelector is the combination of two optional fields: `matchLabels` + /// and `matchExpressions`. These two fields provide different methods of + /// selecting or excluding k8s objects based on the label keys and values + /// included in object metadata. All selection expressions from both + /// sections are ANDed to determine if an object meets the cumulative + /// requirements of the selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. + /// Name is the name of an object. If defined, it will match against objects with the specified + /// name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match + /// both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. + /// NamespaceSelector is a label selector against an object's containing + /// namespace or the object itself, if the object is a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// Namespaces is a list of namespace names. If defined, a constraint only + /// applies to resources in a listed namespace. Namespaces also supports a + /// prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both + /// `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both + /// `kube-system` and `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) + /// Scope determines if cluster-scoped and/or namespaced-scoped resources + /// are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources. + /// Source determines whether generated or original resources are matched. + /// Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of + /// `Generated` will only match generated resources, while `Original` will only + /// match regular resources. #[serde(default, skip_serializing_if = "Option::is_none")] pub source: Option, } -/// Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope. +/// Kinds accepts a list of objects with apiGroups and kinds fields +/// that list the groups/kinds of objects to which the mutation will apply. +/// If multiple groups/kinds objects are specified, +/// only one match is needed for the resource to be in scope. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatchKinds { - /// APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required. + /// APIGroups is the API groups the resources belong to. '*' is all groups. + /// If '*' is present, the length of the slice must be one. + /// Required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroups")] pub api_groups: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, } -/// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. +/// LabelSelector is the combination of two optional fields: `matchLabels` +/// and `matchExpressions`. These two fields provide different methods of +/// selecting or excluding k8s objects based on the label keys and values +/// included in object metadata. All selection expressions from both +/// sections are ANDed to determine if an object meets the cumulative +/// requirements of the selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatchLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatchLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. +/// NamespaceSelector is a label selector against an object's containing +/// namespace or the object itself, if the object is a namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatchNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatchNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -138,13 +184,16 @@ pub struct AssignMetadataParametersAssign { /// ExternalData describes the external data provider to be used for mutation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataParametersAssignExternalData { - /// DataSource specifies where to extract the data that will be sent to the external data provider as parameters. + /// DataSource specifies where to extract the data that will be sent + /// to the external data provider as parameters. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// Default specifies the default value to use when the external data provider returns an error and the failure policy is set to "UseDefault". + /// Default specifies the default value to use when the external data + /// provider returns an error and the failure policy is set to "UseDefault". #[serde(default, skip_serializing_if = "Option::is_none")] pub default: Option, - /// FailurePolicy specifies the policy to apply when the external data provider returns an error. + /// FailurePolicy specifies the policy to apply when the external data + /// provider returns an error. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failurePolicy")] pub failure_policy: Option, /// Provider is the name of the external data provider. @@ -178,7 +227,8 @@ pub struct AssignMetadataParametersAssignFromMetadata { /// AssignMetadataStatus defines the observed state of AssignMetadata. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataStatus { - /// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "make" to regenerate code after modifying this file + /// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + /// Important: Run "make" to regenerate code after modifying this file #[serde(default, skip_serializing_if = "Option::is_none", rename = "byPod")] pub by_pod: Option>, } @@ -192,7 +242,9 @@ pub struct AssignMetadataStatusByPod { pub errors: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, - /// Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch + /// Storing the mutator UID allows us to detect drift, such as + /// when a mutator has been recreated after its CRD was deleted + /// out from under it, interrupting the watch #[serde(default, skip_serializing_if = "Option::is_none", rename = "mutatorUID")] pub mutator_uid: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] @@ -205,7 +257,8 @@ pub struct AssignMetadataStatusByPod { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataStatusByPodErrors { pub message: String, - /// Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type. + /// Type indicates a specific class of error for use by controller code. + /// If not present, the error should be treated as not matching any known type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } diff --git a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1/modifyset.rs b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1/modifyset.rs index 04d5a4e4c..871b3945a 100644 --- a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1/modifyset.rs +++ b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1/modifyset.rs @@ -12,13 +12,17 @@ use std::collections::BTreeMap; #[kube(status = "ModifySetStatus")] #[kube(schema = "disabled")] pub struct ModifySetSpec { - /// ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. This is necessary because every mutation implies part of an object schema and object schemas are associated with specific GVKs. + /// ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. + /// This is necessary because every mutation implies part of an object schema and object + /// schemas are associated with specific GVKs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "applyTo")] pub apply_to: Option>, /// Location describes the path to be mutated, for example: `spec.containers[name: main].args`. #[serde(default, skip_serializing_if = "Option::is_none")] pub location: Option, - /// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. + /// Match allows the user to limit which resources get mutated. + /// Individual match criteria are AND-ed together. An undefined + /// match criteria matches everything. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option, /// Parameters define the behavior of the mutator. @@ -26,7 +30,8 @@ pub struct ModifySetSpec { pub parameters: Option, } -/// ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed. +/// ApplyTo determines what GVKs items the mutation should apply to. +/// Globs are not allowed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetApplyTo { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -37,91 +42,141 @@ pub struct ModifySetApplyTo { pub versions: Option>, } -/// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. +/// Match allows the user to limit which resources get mutated. +/// Individual match criteria are AND-ed together. An undefined +/// match criteria matches everything. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatch { - /// ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// ExcludedNamespaces is a list of namespace names. If defined, a + /// constraint only applies to resources not in a listed namespace. + /// ExcludedNamespaces also supports a prefix or suffix based glob. For example, + /// `excludedNamespaces: [kube-*]` matches both `kube-system` and + /// `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and + /// `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludedNamespaces")] pub excluded_namespaces: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, - /// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. + /// LabelSelector is the combination of two optional fields: `matchLabels` + /// and `matchExpressions`. These two fields provide different methods of + /// selecting or excluding k8s objects based on the label keys and values + /// included in object metadata. All selection expressions from both + /// sections are ANDed to determine if an object meets the cumulative + /// requirements of the selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. + /// Name is the name of an object. If defined, it will match against objects with the specified + /// name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match + /// both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. + /// NamespaceSelector is a label selector against an object's containing + /// namespace or the object itself, if the object is a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// Namespaces is a list of namespace names. If defined, a constraint only + /// applies to resources in a listed namespace. Namespaces also supports a + /// prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both + /// `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both + /// `kube-system` and `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) + /// Scope determines if cluster-scoped and/or namespaced-scoped resources + /// are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources. + /// Source determines whether generated or original resources are matched. + /// Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of + /// `Generated` will only match generated resources, while `Original` will only + /// match regular resources. #[serde(default, skip_serializing_if = "Option::is_none")] pub source: Option, } -/// Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope. +/// Kinds accepts a list of objects with apiGroups and kinds fields +/// that list the groups/kinds of objects to which the mutation will apply. +/// If multiple groups/kinds objects are specified, +/// only one match is needed for the resource to be in scope. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatchKinds { - /// APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required. + /// APIGroups is the API groups the resources belong to. '*' is all groups. + /// If '*' is present, the length of the slice must be one. + /// Required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroups")] pub api_groups: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, } -/// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. +/// LabelSelector is the combination of two optional fields: `matchLabels` +/// and `matchExpressions`. These two fields provide different methods of +/// selecting or excluding k8s objects based on the label keys and values +/// included in object metadata. All selection expressions from both +/// sections are ANDed to determine if an object meets the cumulative +/// requirements of the selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatchLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatchLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. +/// NamespaceSelector is a label selector against an object's containing +/// namespace or the object itself, if the object is a namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatchNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatchNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. +/// Match allows the user to limit which resources get mutated. +/// Individual match criteria are AND-ed together. An undefined +/// match criteria matches everything. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ModifySetMatchSource { All, @@ -135,7 +190,8 @@ pub struct ModifySetParameters { /// Operation describes whether values should be merged in ("merge"), or pruned ("prune"). Default value is "merge" #[serde(default, skip_serializing_if = "Option::is_none")] pub operation: Option, - /// PathTests are a series of existence tests that can be checked before a mutation is applied + /// PathTests are a series of existence tests that can be checked + /// before a mutation is applied #[serde(default, skip_serializing_if = "Option::is_none", rename = "pathTests")] pub path_tests: Option>, /// Values describes the values provided to the operation as `values.fromList`. @@ -152,8 +208,17 @@ pub enum ModifySetParametersOperation { Prune, } -/// PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. -/// Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate. +/// PathTest allows the user to customize how the mutation works if parent +/// paths are missing. It traverses the list in order. All sub paths are +/// tested against the provided condition, if the test fails, the mutation is +/// not applied. All `subPath` entries must be a prefix of `location`. Any +/// glob characters will take on the same value as was used to +/// expand the matching glob in `location`. +/// +/// +/// Available Tests: +/// * MustExist - the path must exist or do not mutate +/// * MustNotExist - the path must not exist or do not mutate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetParametersPathTests { /// Condition describes whether the path either MustExist or MustNotExist in the original object @@ -163,8 +228,17 @@ pub struct ModifySetParametersPathTests { pub sub_path: Option, } -/// PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. -/// Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate. +/// PathTest allows the user to customize how the mutation works if parent +/// paths are missing. It traverses the list in order. All sub paths are +/// tested against the provided condition, if the test fails, the mutation is +/// not applied. All `subPath` entries must be a prefix of `location`. Any +/// glob characters will take on the same value as was used to +/// expand the matching glob in `location`. +/// +/// +/// Available Tests: +/// * MustExist - the path must exist or do not mutate +/// * MustNotExist - the path must not exist or do not mutate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ModifySetParametersPathTestsCondition { MustExist, @@ -187,7 +261,9 @@ pub struct ModifySetStatusByPod { pub errors: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, - /// Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch + /// Storing the mutator UID allows us to detect drift, such as + /// when a mutator has been recreated after its CRD was deleted + /// out from under it, interrupting the watch #[serde(default, skip_serializing_if = "Option::is_none", rename = "mutatorUID")] pub mutator_uid: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] @@ -200,7 +276,8 @@ pub struct ModifySetStatusByPod { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetStatusByPodErrors { pub message: String, - /// Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type. + /// Type indicates a specific class of error for use by controller code. + /// If not present, the error should be treated as not matching any known type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } diff --git a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1alpha1/assign.rs b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1alpha1/assign.rs index 4e3a8d1e6..343bf2dfe 100644 --- a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1alpha1/assign.rs +++ b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1alpha1/assign.rs @@ -13,13 +13,17 @@ use std::collections::HashMap; #[kube(status = "AssignStatus")] #[kube(schema = "disabled")] pub struct AssignSpec { - /// ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. This is necessary because every mutation implies part of an object schema and object schemas are associated with specific GVKs. + /// ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. + /// This is necessary because every mutation implies part of an object schema and object + /// schemas are associated with specific GVKs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "applyTo")] pub apply_to: Option>, /// Location describes the path to be mutated, for example: `spec.containers[name: main]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub location: Option, - /// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. + /// Match allows the user to limit which resources get mutated. + /// Individual match criteria are AND-ed together. An undefined + /// match criteria matches everything. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option, /// Parameters define the behavior of the mutator. @@ -27,7 +31,8 @@ pub struct AssignSpec { pub parameters: Option, } -/// ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed. +/// ApplyTo determines what GVKs items the mutation should apply to. +/// Globs are not allowed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignApplyTo { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -38,91 +43,141 @@ pub struct AssignApplyTo { pub versions: Option>, } -/// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. +/// Match allows the user to limit which resources get mutated. +/// Individual match criteria are AND-ed together. An undefined +/// match criteria matches everything. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatch { - /// ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// ExcludedNamespaces is a list of namespace names. If defined, a + /// constraint only applies to resources not in a listed namespace. + /// ExcludedNamespaces also supports a prefix or suffix based glob. For example, + /// `excludedNamespaces: [kube-*]` matches both `kube-system` and + /// `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and + /// `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludedNamespaces")] pub excluded_namespaces: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, - /// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. + /// LabelSelector is the combination of two optional fields: `matchLabels` + /// and `matchExpressions`. These two fields provide different methods of + /// selecting or excluding k8s objects based on the label keys and values + /// included in object metadata. All selection expressions from both + /// sections are ANDed to determine if an object meets the cumulative + /// requirements of the selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. + /// Name is the name of an object. If defined, it will match against objects with the specified + /// name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match + /// both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. + /// NamespaceSelector is a label selector against an object's containing + /// namespace or the object itself, if the object is a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// Namespaces is a list of namespace names. If defined, a constraint only + /// applies to resources in a listed namespace. Namespaces also supports a + /// prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both + /// `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both + /// `kube-system` and `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) + /// Scope determines if cluster-scoped and/or namespaced-scoped resources + /// are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources. + /// Source determines whether generated or original resources are matched. + /// Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of + /// `Generated` will only match generated resources, while `Original` will only + /// match regular resources. #[serde(default, skip_serializing_if = "Option::is_none")] pub source: Option, } -/// Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope. +/// Kinds accepts a list of objects with apiGroups and kinds fields +/// that list the groups/kinds of objects to which the mutation will apply. +/// If multiple groups/kinds objects are specified, +/// only one match is needed for the resource to be in scope. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatchKinds { - /// APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required. + /// APIGroups is the API groups the resources belong to. '*' is all groups. + /// If '*' is present, the length of the slice must be one. + /// Required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroups")] pub api_groups: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, } -/// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. +/// LabelSelector is the combination of two optional fields: `matchLabels` +/// and `matchExpressions`. These two fields provide different methods of +/// selecting or excluding k8s objects based on the label keys and values +/// included in object metadata. All selection expressions from both +/// sections are ANDed to determine if an object meets the cumulative +/// requirements of the selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatchLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatchLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. +/// NamespaceSelector is a label selector against an object's containing +/// namespace or the object itself, if the object is a namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatchNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatchNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. +/// Match allows the user to limit which resources get mutated. +/// Individual match criteria are AND-ed together. An undefined +/// match criteria matches everything. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum AssignMatchSource { All, @@ -157,13 +212,16 @@ pub struct AssignParametersAssign { /// ExternalData describes the external data provider to be used for mutation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignParametersAssignExternalData { - /// DataSource specifies where to extract the data that will be sent to the external data provider as parameters. + /// DataSource specifies where to extract the data that will be sent + /// to the external data provider as parameters. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// Default specifies the default value to use when the external data provider returns an error and the failure policy is set to "UseDefault". + /// Default specifies the default value to use when the external data + /// provider returns an error and the failure policy is set to "UseDefault". #[serde(default, skip_serializing_if = "Option::is_none")] pub default: Option, - /// FailurePolicy specifies the policy to apply when the external data provider returns an error. + /// FailurePolicy specifies the policy to apply when the external data + /// provider returns an error. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failurePolicy")] pub failure_policy: Option, /// Provider is the name of the external data provider. @@ -194,8 +252,17 @@ pub struct AssignParametersAssignFromMetadata { pub field: Option, } -/// PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. -/// Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate. +/// PathTest allows the user to customize how the mutation works if parent +/// paths are missing. It traverses the list in order. All sub paths are +/// tested against the provided condition, if the test fails, the mutation is +/// not applied. All `subPath` entries must be a prefix of `location`. Any +/// glob characters will take on the same value as was used to +/// expand the matching glob in `location`. +/// +/// +/// Available Tests: +/// * MustExist - the path must exist or do not mutate +/// * MustNotExist - the path must not exist or do not mutate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignParametersPathTests { /// Condition describes whether the path either MustExist or MustNotExist in the original object @@ -205,8 +272,17 @@ pub struct AssignParametersPathTests { pub sub_path: Option, } -/// PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. -/// Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate. +/// PathTest allows the user to customize how the mutation works if parent +/// paths are missing. It traverses the list in order. All sub paths are +/// tested against the provided condition, if the test fails, the mutation is +/// not applied. All `subPath` entries must be a prefix of `location`. Any +/// glob characters will take on the same value as was used to +/// expand the matching glob in `location`. +/// +/// +/// Available Tests: +/// * MustExist - the path must exist or do not mutate +/// * MustNotExist - the path must not exist or do not mutate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum AssignParametersPathTestsCondition { MustExist, @@ -229,7 +305,9 @@ pub struct AssignStatusByPod { pub errors: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, - /// Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch + /// Storing the mutator UID allows us to detect drift, such as + /// when a mutator has been recreated after its CRD was deleted + /// out from under it, interrupting the watch #[serde(default, skip_serializing_if = "Option::is_none", rename = "mutatorUID")] pub mutator_uid: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] @@ -242,7 +320,8 @@ pub struct AssignStatusByPod { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignStatusByPodErrors { pub message: String, - /// Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type. + /// Type indicates a specific class of error for use by controller code. + /// If not present, the error should be treated as not matching any known type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } diff --git a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1alpha1/assignimage.rs b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1alpha1/assignimage.rs index 0bf4d329f..dfb53c1f4 100644 --- a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1alpha1/assignimage.rs +++ b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1alpha1/assignimage.rs @@ -12,13 +12,17 @@ use std::collections::BTreeMap; #[kube(status = "AssignImageStatus")] #[kube(schema = "disabled")] pub struct AssignImageSpec { - /// ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. This is necessary because every mutation implies part of an object schema and object schemas are associated with specific GVKs. + /// ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. + /// This is necessary because every mutation implies part of an object schema and object + /// schemas are associated with specific GVKs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "applyTo")] pub apply_to: Option>, /// Location describes the path to be mutated, for example: `spec.containers[name: main].image`. #[serde(default, skip_serializing_if = "Option::is_none")] pub location: Option, - /// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. + /// Match allows the user to limit which resources get mutated. + /// Individual match criteria are AND-ed together. An undefined + /// match criteria matches everything. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option, /// Parameters define the behavior of the mutator. @@ -26,7 +30,8 @@ pub struct AssignImageSpec { pub parameters: Option, } -/// ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed. +/// ApplyTo determines what GVKs items the mutation should apply to. +/// Globs are not allowed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignImageApplyTo { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -37,91 +42,141 @@ pub struct AssignImageApplyTo { pub versions: Option>, } -/// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. +/// Match allows the user to limit which resources get mutated. +/// Individual match criteria are AND-ed together. An undefined +/// match criteria matches everything. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignImageMatch { - /// ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// ExcludedNamespaces is a list of namespace names. If defined, a + /// constraint only applies to resources not in a listed namespace. + /// ExcludedNamespaces also supports a prefix or suffix based glob. For example, + /// `excludedNamespaces: [kube-*]` matches both `kube-system` and + /// `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and + /// `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludedNamespaces")] pub excluded_namespaces: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, - /// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. + /// LabelSelector is the combination of two optional fields: `matchLabels` + /// and `matchExpressions`. These two fields provide different methods of + /// selecting or excluding k8s objects based on the label keys and values + /// included in object metadata. All selection expressions from both + /// sections are ANDed to determine if an object meets the cumulative + /// requirements of the selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. + /// Name is the name of an object. If defined, it will match against objects with the specified + /// name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match + /// both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. + /// NamespaceSelector is a label selector against an object's containing + /// namespace or the object itself, if the object is a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// Namespaces is a list of namespace names. If defined, a constraint only + /// applies to resources in a listed namespace. Namespaces also supports a + /// prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both + /// `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both + /// `kube-system` and `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) + /// Scope determines if cluster-scoped and/or namespaced-scoped resources + /// are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources. + /// Source determines whether generated or original resources are matched. + /// Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of + /// `Generated` will only match generated resources, while `Original` will only + /// match regular resources. #[serde(default, skip_serializing_if = "Option::is_none")] pub source: Option, } -/// Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope. +/// Kinds accepts a list of objects with apiGroups and kinds fields +/// that list the groups/kinds of objects to which the mutation will apply. +/// If multiple groups/kinds objects are specified, +/// only one match is needed for the resource to be in scope. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignImageMatchKinds { - /// APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required. + /// APIGroups is the API groups the resources belong to. '*' is all groups. + /// If '*' is present, the length of the slice must be one. + /// Required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroups")] pub api_groups: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, } -/// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. +/// LabelSelector is the combination of two optional fields: `matchLabels` +/// and `matchExpressions`. These two fields provide different methods of +/// selecting or excluding k8s objects based on the label keys and values +/// included in object metadata. All selection expressions from both +/// sections are ANDed to determine if an object meets the cumulative +/// requirements of the selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignImageMatchLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignImageMatchLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. +/// NamespaceSelector is a label selector against an object's containing +/// namespace or the object itself, if the object is a namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignImageMatchNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignImageMatchNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. +/// Match allows the user to limit which resources get mutated. +/// Individual match criteria are AND-ed together. An undefined +/// match criteria matches everything. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum AssignImageMatchSource { All, @@ -132,21 +187,32 @@ pub enum AssignImageMatchSource { /// Parameters define the behavior of the mutator. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignImageParameters { - /// AssignDomain sets the domain component on an image string. The trailing slash should not be included. + /// AssignDomain sets the domain component on an image string. The trailing + /// slash should not be included. #[serde(default, skip_serializing_if = "Option::is_none", rename = "assignDomain")] pub assign_domain: Option, /// AssignPath sets the domain component on an image string. #[serde(default, skip_serializing_if = "Option::is_none", rename = "assignPath")] pub assign_path: Option, - /// AssignImage sets the image component on an image string. It must start with a `:` or `@`. + /// AssignImage sets the image component on an image string. It must start + /// with a `:` or `@`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "assignTag")] pub assign_tag: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "pathTests")] pub path_tests: Option>, } -/// PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. -/// Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate. +/// PathTest allows the user to customize how the mutation works if parent +/// paths are missing. It traverses the list in order. All sub paths are +/// tested against the provided condition, if the test fails, the mutation is +/// not applied. All `subPath` entries must be a prefix of `location`. Any +/// glob characters will take on the same value as was used to +/// expand the matching glob in `location`. +/// +/// +/// Available Tests: +/// * MustExist - the path must exist or do not mutate +/// * MustNotExist - the path must not exist or do not mutate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignImageParametersPathTests { /// Condition describes whether the path either MustExist or MustNotExist in the original object @@ -156,8 +222,17 @@ pub struct AssignImageParametersPathTests { pub sub_path: Option, } -/// PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. -/// Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate. +/// PathTest allows the user to customize how the mutation works if parent +/// paths are missing. It traverses the list in order. All sub paths are +/// tested against the provided condition, if the test fails, the mutation is +/// not applied. All `subPath` entries must be a prefix of `location`. Any +/// glob characters will take on the same value as was used to +/// expand the matching glob in `location`. +/// +/// +/// Available Tests: +/// * MustExist - the path must exist or do not mutate +/// * MustNotExist - the path must not exist or do not mutate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum AssignImageParametersPathTestsCondition { MustExist, @@ -180,7 +255,9 @@ pub struct AssignImageStatusByPod { pub errors: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, - /// Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch + /// Storing the mutator UID allows us to detect drift, such as + /// when a mutator has been recreated after its CRD was deleted + /// out from under it, interrupting the watch #[serde(default, skip_serializing_if = "Option::is_none", rename = "mutatorUID")] pub mutator_uid: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] @@ -193,7 +270,8 @@ pub struct AssignImageStatusByPod { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignImageStatusByPodErrors { pub message: String, - /// Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type. + /// Type indicates a specific class of error for use by controller code. + /// If not present, the error should be treated as not matching any known type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } diff --git a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1alpha1/assignmetadata.rs b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1alpha1/assignmetadata.rs index 9c0342c0d..226ad2a3a 100644 --- a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1alpha1/assignmetadata.rs +++ b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1alpha1/assignmetadata.rs @@ -25,83 +25,129 @@ pub struct AssignMetadataSpec { /// Match selects which objects are in scope. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatch { - /// ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// ExcludedNamespaces is a list of namespace names. If defined, a + /// constraint only applies to resources not in a listed namespace. + /// ExcludedNamespaces also supports a prefix or suffix based glob. For example, + /// `excludedNamespaces: [kube-*]` matches both `kube-system` and + /// `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and + /// `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludedNamespaces")] pub excluded_namespaces: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, - /// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. + /// LabelSelector is the combination of two optional fields: `matchLabels` + /// and `matchExpressions`. These two fields provide different methods of + /// selecting or excluding k8s objects based on the label keys and values + /// included in object metadata. All selection expressions from both + /// sections are ANDed to determine if an object meets the cumulative + /// requirements of the selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. + /// Name is the name of an object. If defined, it will match against objects with the specified + /// name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match + /// both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. + /// NamespaceSelector is a label selector against an object's containing + /// namespace or the object itself, if the object is a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// Namespaces is a list of namespace names. If defined, a constraint only + /// applies to resources in a listed namespace. Namespaces also supports a + /// prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both + /// `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both + /// `kube-system` and `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) + /// Scope determines if cluster-scoped and/or namespaced-scoped resources + /// are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources. + /// Source determines whether generated or original resources are matched. + /// Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of + /// `Generated` will only match generated resources, while `Original` will only + /// match regular resources. #[serde(default, skip_serializing_if = "Option::is_none")] pub source: Option, } -/// Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope. +/// Kinds accepts a list of objects with apiGroups and kinds fields +/// that list the groups/kinds of objects to which the mutation will apply. +/// If multiple groups/kinds objects are specified, +/// only one match is needed for the resource to be in scope. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatchKinds { - /// APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required. + /// APIGroups is the API groups the resources belong to. '*' is all groups. + /// If '*' is present, the length of the slice must be one. + /// Required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroups")] pub api_groups: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, } -/// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. +/// LabelSelector is the combination of two optional fields: `matchLabels` +/// and `matchExpressions`. These two fields provide different methods of +/// selecting or excluding k8s objects based on the label keys and values +/// included in object metadata. All selection expressions from both +/// sections are ANDed to determine if an object meets the cumulative +/// requirements of the selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatchLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatchLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. +/// NamespaceSelector is a label selector against an object's containing +/// namespace or the object itself, if the object is a namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatchNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatchNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -138,13 +184,16 @@ pub struct AssignMetadataParametersAssign { /// ExternalData describes the external data provider to be used for mutation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataParametersAssignExternalData { - /// DataSource specifies where to extract the data that will be sent to the external data provider as parameters. + /// DataSource specifies where to extract the data that will be sent + /// to the external data provider as parameters. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// Default specifies the default value to use when the external data provider returns an error and the failure policy is set to "UseDefault". + /// Default specifies the default value to use when the external data + /// provider returns an error and the failure policy is set to "UseDefault". #[serde(default, skip_serializing_if = "Option::is_none")] pub default: Option, - /// FailurePolicy specifies the policy to apply when the external data provider returns an error. + /// FailurePolicy specifies the policy to apply when the external data + /// provider returns an error. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failurePolicy")] pub failure_policy: Option, /// Provider is the name of the external data provider. @@ -178,7 +227,8 @@ pub struct AssignMetadataParametersAssignFromMetadata { /// AssignMetadataStatus defines the observed state of AssignMetadata. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataStatus { - /// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "make" to regenerate code after modifying this file + /// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + /// Important: Run "make" to regenerate code after modifying this file #[serde(default, skip_serializing_if = "Option::is_none", rename = "byPod")] pub by_pod: Option>, } @@ -192,7 +242,9 @@ pub struct AssignMetadataStatusByPod { pub errors: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, - /// Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch + /// Storing the mutator UID allows us to detect drift, such as + /// when a mutator has been recreated after its CRD was deleted + /// out from under it, interrupting the watch #[serde(default, skip_serializing_if = "Option::is_none", rename = "mutatorUID")] pub mutator_uid: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] @@ -205,7 +257,8 @@ pub struct AssignMetadataStatusByPod { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataStatusByPodErrors { pub message: String, - /// Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type. + /// Type indicates a specific class of error for use by controller code. + /// If not present, the error should be treated as not matching any known type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } diff --git a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1alpha1/modifyset.rs b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1alpha1/modifyset.rs index cf57367e7..986607322 100644 --- a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1alpha1/modifyset.rs +++ b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1alpha1/modifyset.rs @@ -12,13 +12,17 @@ use std::collections::BTreeMap; #[kube(status = "ModifySetStatus")] #[kube(schema = "disabled")] pub struct ModifySetSpec { - /// ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. This is necessary because every mutation implies part of an object schema and object schemas are associated with specific GVKs. + /// ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. + /// This is necessary because every mutation implies part of an object schema and object + /// schemas are associated with specific GVKs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "applyTo")] pub apply_to: Option>, /// Location describes the path to be mutated, for example: `spec.containers[name: main].args`. #[serde(default, skip_serializing_if = "Option::is_none")] pub location: Option, - /// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. + /// Match allows the user to limit which resources get mutated. + /// Individual match criteria are AND-ed together. An undefined + /// match criteria matches everything. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option, /// Parameters define the behavior of the mutator. @@ -26,7 +30,8 @@ pub struct ModifySetSpec { pub parameters: Option, } -/// ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed. +/// ApplyTo determines what GVKs items the mutation should apply to. +/// Globs are not allowed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetApplyTo { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -37,91 +42,141 @@ pub struct ModifySetApplyTo { pub versions: Option>, } -/// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. +/// Match allows the user to limit which resources get mutated. +/// Individual match criteria are AND-ed together. An undefined +/// match criteria matches everything. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatch { - /// ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// ExcludedNamespaces is a list of namespace names. If defined, a + /// constraint only applies to resources not in a listed namespace. + /// ExcludedNamespaces also supports a prefix or suffix based glob. For example, + /// `excludedNamespaces: [kube-*]` matches both `kube-system` and + /// `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and + /// `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludedNamespaces")] pub excluded_namespaces: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, - /// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. + /// LabelSelector is the combination of two optional fields: `matchLabels` + /// and `matchExpressions`. These two fields provide different methods of + /// selecting or excluding k8s objects based on the label keys and values + /// included in object metadata. All selection expressions from both + /// sections are ANDed to determine if an object meets the cumulative + /// requirements of the selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. + /// Name is the name of an object. If defined, it will match against objects with the specified + /// name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match + /// both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. + /// NamespaceSelector is a label selector against an object's containing + /// namespace or the object itself, if the object is a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// Namespaces is a list of namespace names. If defined, a constraint only + /// applies to resources in a listed namespace. Namespaces also supports a + /// prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both + /// `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both + /// `kube-system` and `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) + /// Scope determines if cluster-scoped and/or namespaced-scoped resources + /// are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources. + /// Source determines whether generated or original resources are matched. + /// Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of + /// `Generated` will only match generated resources, while `Original` will only + /// match regular resources. #[serde(default, skip_serializing_if = "Option::is_none")] pub source: Option, } -/// Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope. +/// Kinds accepts a list of objects with apiGroups and kinds fields +/// that list the groups/kinds of objects to which the mutation will apply. +/// If multiple groups/kinds objects are specified, +/// only one match is needed for the resource to be in scope. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatchKinds { - /// APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required. + /// APIGroups is the API groups the resources belong to. '*' is all groups. + /// If '*' is present, the length of the slice must be one. + /// Required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroups")] pub api_groups: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, } -/// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. +/// LabelSelector is the combination of two optional fields: `matchLabels` +/// and `matchExpressions`. These two fields provide different methods of +/// selecting or excluding k8s objects based on the label keys and values +/// included in object metadata. All selection expressions from both +/// sections are ANDed to determine if an object meets the cumulative +/// requirements of the selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatchLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatchLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. +/// NamespaceSelector is a label selector against an object's containing +/// namespace or the object itself, if the object is a namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatchNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatchNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. +/// Match allows the user to limit which resources get mutated. +/// Individual match criteria are AND-ed together. An undefined +/// match criteria matches everything. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ModifySetMatchSource { All, @@ -135,7 +190,8 @@ pub struct ModifySetParameters { /// Operation describes whether values should be merged in ("merge"), or pruned ("prune"). Default value is "merge" #[serde(default, skip_serializing_if = "Option::is_none")] pub operation: Option, - /// PathTests are a series of existence tests that can be checked before a mutation is applied + /// PathTests are a series of existence tests that can be checked + /// before a mutation is applied #[serde(default, skip_serializing_if = "Option::is_none", rename = "pathTests")] pub path_tests: Option>, /// Values describes the values provided to the operation as `values.fromList`. @@ -152,8 +208,17 @@ pub enum ModifySetParametersOperation { Prune, } -/// PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. -/// Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate. +/// PathTest allows the user to customize how the mutation works if parent +/// paths are missing. It traverses the list in order. All sub paths are +/// tested against the provided condition, if the test fails, the mutation is +/// not applied. All `subPath` entries must be a prefix of `location`. Any +/// glob characters will take on the same value as was used to +/// expand the matching glob in `location`. +/// +/// +/// Available Tests: +/// * MustExist - the path must exist or do not mutate +/// * MustNotExist - the path must not exist or do not mutate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetParametersPathTests { /// Condition describes whether the path either MustExist or MustNotExist in the original object @@ -163,8 +228,17 @@ pub struct ModifySetParametersPathTests { pub sub_path: Option, } -/// PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. -/// Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate. +/// PathTest allows the user to customize how the mutation works if parent +/// paths are missing. It traverses the list in order. All sub paths are +/// tested against the provided condition, if the test fails, the mutation is +/// not applied. All `subPath` entries must be a prefix of `location`. Any +/// glob characters will take on the same value as was used to +/// expand the matching glob in `location`. +/// +/// +/// Available Tests: +/// * MustExist - the path must exist or do not mutate +/// * MustNotExist - the path must not exist or do not mutate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ModifySetParametersPathTestsCondition { MustExist, @@ -187,7 +261,9 @@ pub struct ModifySetStatusByPod { pub errors: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, - /// Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch + /// Storing the mutator UID allows us to detect drift, such as + /// when a mutator has been recreated after its CRD was deleted + /// out from under it, interrupting the watch #[serde(default, skip_serializing_if = "Option::is_none", rename = "mutatorUID")] pub mutator_uid: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] @@ -200,7 +276,8 @@ pub struct ModifySetStatusByPod { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetStatusByPodErrors { pub message: String, - /// Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type. + /// Type indicates a specific class of error for use by controller code. + /// If not present, the error should be treated as not matching any known type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } diff --git a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1beta1/assign.rs b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1beta1/assign.rs index 989d04c28..b0d40738b 100644 --- a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1beta1/assign.rs +++ b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1beta1/assign.rs @@ -13,13 +13,17 @@ use std::collections::HashMap; #[kube(status = "AssignStatus")] #[kube(schema = "disabled")] pub struct AssignSpec { - /// ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. This is necessary because every mutation implies part of an object schema and object schemas are associated with specific GVKs. + /// ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. + /// This is necessary because every mutation implies part of an object schema and object + /// schemas are associated with specific GVKs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "applyTo")] pub apply_to: Option>, /// Location describes the path to be mutated, for example: `spec.containers[name: main]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub location: Option, - /// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. + /// Match allows the user to limit which resources get mutated. + /// Individual match criteria are AND-ed together. An undefined + /// match criteria matches everything. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option, /// Parameters define the behavior of the mutator. @@ -27,7 +31,8 @@ pub struct AssignSpec { pub parameters: Option, } -/// ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed. +/// ApplyTo determines what GVKs items the mutation should apply to. +/// Globs are not allowed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignApplyTo { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -38,91 +43,141 @@ pub struct AssignApplyTo { pub versions: Option>, } -/// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. +/// Match allows the user to limit which resources get mutated. +/// Individual match criteria are AND-ed together. An undefined +/// match criteria matches everything. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatch { - /// ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// ExcludedNamespaces is a list of namespace names. If defined, a + /// constraint only applies to resources not in a listed namespace. + /// ExcludedNamespaces also supports a prefix or suffix based glob. For example, + /// `excludedNamespaces: [kube-*]` matches both `kube-system` and + /// `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and + /// `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludedNamespaces")] pub excluded_namespaces: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, - /// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. + /// LabelSelector is the combination of two optional fields: `matchLabels` + /// and `matchExpressions`. These two fields provide different methods of + /// selecting or excluding k8s objects based on the label keys and values + /// included in object metadata. All selection expressions from both + /// sections are ANDed to determine if an object meets the cumulative + /// requirements of the selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. + /// Name is the name of an object. If defined, it will match against objects with the specified + /// name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match + /// both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. + /// NamespaceSelector is a label selector against an object's containing + /// namespace or the object itself, if the object is a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// Namespaces is a list of namespace names. If defined, a constraint only + /// applies to resources in a listed namespace. Namespaces also supports a + /// prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both + /// `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both + /// `kube-system` and `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) + /// Scope determines if cluster-scoped and/or namespaced-scoped resources + /// are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources. + /// Source determines whether generated or original resources are matched. + /// Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of + /// `Generated` will only match generated resources, while `Original` will only + /// match regular resources. #[serde(default, skip_serializing_if = "Option::is_none")] pub source: Option, } -/// Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope. +/// Kinds accepts a list of objects with apiGroups and kinds fields +/// that list the groups/kinds of objects to which the mutation will apply. +/// If multiple groups/kinds objects are specified, +/// only one match is needed for the resource to be in scope. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatchKinds { - /// APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required. + /// APIGroups is the API groups the resources belong to. '*' is all groups. + /// If '*' is present, the length of the slice must be one. + /// Required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroups")] pub api_groups: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, } -/// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. +/// LabelSelector is the combination of two optional fields: `matchLabels` +/// and `matchExpressions`. These two fields provide different methods of +/// selecting or excluding k8s objects based on the label keys and values +/// included in object metadata. All selection expressions from both +/// sections are ANDed to determine if an object meets the cumulative +/// requirements of the selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatchLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatchLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. +/// NamespaceSelector is a label selector against an object's containing +/// namespace or the object itself, if the object is a namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatchNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMatchNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. +/// Match allows the user to limit which resources get mutated. +/// Individual match criteria are AND-ed together. An undefined +/// match criteria matches everything. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum AssignMatchSource { All, @@ -157,13 +212,16 @@ pub struct AssignParametersAssign { /// ExternalData describes the external data provider to be used for mutation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignParametersAssignExternalData { - /// DataSource specifies where to extract the data that will be sent to the external data provider as parameters. + /// DataSource specifies where to extract the data that will be sent + /// to the external data provider as parameters. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// Default specifies the default value to use when the external data provider returns an error and the failure policy is set to "UseDefault". + /// Default specifies the default value to use when the external data + /// provider returns an error and the failure policy is set to "UseDefault". #[serde(default, skip_serializing_if = "Option::is_none")] pub default: Option, - /// FailurePolicy specifies the policy to apply when the external data provider returns an error. + /// FailurePolicy specifies the policy to apply when the external data + /// provider returns an error. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failurePolicy")] pub failure_policy: Option, /// Provider is the name of the external data provider. @@ -194,8 +252,17 @@ pub struct AssignParametersAssignFromMetadata { pub field: Option, } -/// PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. -/// Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate. +/// PathTest allows the user to customize how the mutation works if parent +/// paths are missing. It traverses the list in order. All sub paths are +/// tested against the provided condition, if the test fails, the mutation is +/// not applied. All `subPath` entries must be a prefix of `location`. Any +/// glob characters will take on the same value as was used to +/// expand the matching glob in `location`. +/// +/// +/// Available Tests: +/// * MustExist - the path must exist or do not mutate +/// * MustNotExist - the path must not exist or do not mutate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignParametersPathTests { /// Condition describes whether the path either MustExist or MustNotExist in the original object @@ -205,8 +272,17 @@ pub struct AssignParametersPathTests { pub sub_path: Option, } -/// PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. -/// Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate. +/// PathTest allows the user to customize how the mutation works if parent +/// paths are missing. It traverses the list in order. All sub paths are +/// tested against the provided condition, if the test fails, the mutation is +/// not applied. All `subPath` entries must be a prefix of `location`. Any +/// glob characters will take on the same value as was used to +/// expand the matching glob in `location`. +/// +/// +/// Available Tests: +/// * MustExist - the path must exist or do not mutate +/// * MustNotExist - the path must not exist or do not mutate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum AssignParametersPathTestsCondition { MustExist, @@ -229,7 +305,9 @@ pub struct AssignStatusByPod { pub errors: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, - /// Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch + /// Storing the mutator UID allows us to detect drift, such as + /// when a mutator has been recreated after its CRD was deleted + /// out from under it, interrupting the watch #[serde(default, skip_serializing_if = "Option::is_none", rename = "mutatorUID")] pub mutator_uid: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] @@ -242,7 +320,8 @@ pub struct AssignStatusByPod { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignStatusByPodErrors { pub message: String, - /// Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type. + /// Type indicates a specific class of error for use by controller code. + /// If not present, the error should be treated as not matching any known type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } diff --git a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1beta1/assignmetadata.rs b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1beta1/assignmetadata.rs index 53c155527..e2963a8d7 100644 --- a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1beta1/assignmetadata.rs +++ b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1beta1/assignmetadata.rs @@ -25,83 +25,129 @@ pub struct AssignMetadataSpec { /// Match selects which objects are in scope. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatch { - /// ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// ExcludedNamespaces is a list of namespace names. If defined, a + /// constraint only applies to resources not in a listed namespace. + /// ExcludedNamespaces also supports a prefix or suffix based glob. For example, + /// `excludedNamespaces: [kube-*]` matches both `kube-system` and + /// `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and + /// `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludedNamespaces")] pub excluded_namespaces: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, - /// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. + /// LabelSelector is the combination of two optional fields: `matchLabels` + /// and `matchExpressions`. These two fields provide different methods of + /// selecting or excluding k8s objects based on the label keys and values + /// included in object metadata. All selection expressions from both + /// sections are ANDed to determine if an object meets the cumulative + /// requirements of the selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. + /// Name is the name of an object. If defined, it will match against objects with the specified + /// name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match + /// both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. + /// NamespaceSelector is a label selector against an object's containing + /// namespace or the object itself, if the object is a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// Namespaces is a list of namespace names. If defined, a constraint only + /// applies to resources in a listed namespace. Namespaces also supports a + /// prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both + /// `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both + /// `kube-system` and `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) + /// Scope determines if cluster-scoped and/or namespaced-scoped resources + /// are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources. + /// Source determines whether generated or original resources are matched. + /// Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of + /// `Generated` will only match generated resources, while `Original` will only + /// match regular resources. #[serde(default, skip_serializing_if = "Option::is_none")] pub source: Option, } -/// Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope. +/// Kinds accepts a list of objects with apiGroups and kinds fields +/// that list the groups/kinds of objects to which the mutation will apply. +/// If multiple groups/kinds objects are specified, +/// only one match is needed for the resource to be in scope. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatchKinds { - /// APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required. + /// APIGroups is the API groups the resources belong to. '*' is all groups. + /// If '*' is present, the length of the slice must be one. + /// Required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroups")] pub api_groups: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, } -/// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. +/// LabelSelector is the combination of two optional fields: `matchLabels` +/// and `matchExpressions`. These two fields provide different methods of +/// selecting or excluding k8s objects based on the label keys and values +/// included in object metadata. All selection expressions from both +/// sections are ANDed to determine if an object meets the cumulative +/// requirements of the selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatchLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatchLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. +/// NamespaceSelector is a label selector against an object's containing +/// namespace or the object itself, if the object is a namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatchNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataMatchNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -138,13 +184,16 @@ pub struct AssignMetadataParametersAssign { /// ExternalData describes the external data provider to be used for mutation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataParametersAssignExternalData { - /// DataSource specifies where to extract the data that will be sent to the external data provider as parameters. + /// DataSource specifies where to extract the data that will be sent + /// to the external data provider as parameters. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// Default specifies the default value to use when the external data provider returns an error and the failure policy is set to "UseDefault". + /// Default specifies the default value to use when the external data + /// provider returns an error and the failure policy is set to "UseDefault". #[serde(default, skip_serializing_if = "Option::is_none")] pub default: Option, - /// FailurePolicy specifies the policy to apply when the external data provider returns an error. + /// FailurePolicy specifies the policy to apply when the external data + /// provider returns an error. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failurePolicy")] pub failure_policy: Option, /// Provider is the name of the external data provider. @@ -178,7 +227,8 @@ pub struct AssignMetadataParametersAssignFromMetadata { /// AssignMetadataStatus defines the observed state of AssignMetadata. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataStatus { - /// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "make" to regenerate code after modifying this file + /// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + /// Important: Run "make" to regenerate code after modifying this file #[serde(default, skip_serializing_if = "Option::is_none", rename = "byPod")] pub by_pod: Option>, } @@ -192,7 +242,9 @@ pub struct AssignMetadataStatusByPod { pub errors: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, - /// Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch + /// Storing the mutator UID allows us to detect drift, such as + /// when a mutator has been recreated after its CRD was deleted + /// out from under it, interrupting the watch #[serde(default, skip_serializing_if = "Option::is_none", rename = "mutatorUID")] pub mutator_uid: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] @@ -205,7 +257,8 @@ pub struct AssignMetadataStatusByPod { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AssignMetadataStatusByPodErrors { pub message: String, - /// Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type. + /// Type indicates a specific class of error for use by controller code. + /// If not present, the error should be treated as not matching any known type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } diff --git a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1beta1/modifyset.rs b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1beta1/modifyset.rs index a406101a0..e0dfb4dde 100644 --- a/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1beta1/modifyset.rs +++ b/kube-custom-resources-rs/src/mutations_gatekeeper_sh/v1beta1/modifyset.rs @@ -12,13 +12,17 @@ use std::collections::BTreeMap; #[kube(status = "ModifySetStatus")] #[kube(schema = "disabled")] pub struct ModifySetSpec { - /// ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. This is necessary because every mutation implies part of an object schema and object schemas are associated with specific GVKs. + /// ApplyTo lists the specific groups, versions and kinds a mutation will be applied to. + /// This is necessary because every mutation implies part of an object schema and object + /// schemas are associated with specific GVKs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "applyTo")] pub apply_to: Option>, /// Location describes the path to be mutated, for example: `spec.containers[name: main].args`. #[serde(default, skip_serializing_if = "Option::is_none")] pub location: Option, - /// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. + /// Match allows the user to limit which resources get mutated. + /// Individual match criteria are AND-ed together. An undefined + /// match criteria matches everything. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option, /// Parameters define the behavior of the mutator. @@ -26,7 +30,8 @@ pub struct ModifySetSpec { pub parameters: Option, } -/// ApplyTo determines what GVKs items the mutation should apply to. Globs are not allowed. +/// ApplyTo determines what GVKs items the mutation should apply to. +/// Globs are not allowed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetApplyTo { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -37,91 +42,141 @@ pub struct ModifySetApplyTo { pub versions: Option>, } -/// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. +/// Match allows the user to limit which resources get mutated. +/// Individual match criteria are AND-ed together. An undefined +/// match criteria matches everything. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatch { - /// ExcludedNamespaces is a list of namespace names. If defined, a constraint only applies to resources not in a listed namespace. ExcludedNamespaces also supports a prefix or suffix based glob. For example, `excludedNamespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// ExcludedNamespaces is a list of namespace names. If defined, a + /// constraint only applies to resources not in a listed namespace. + /// ExcludedNamespaces also supports a prefix or suffix based glob. For example, + /// `excludedNamespaces: [kube-*]` matches both `kube-system` and + /// `kube-public`, and `excludedNamespaces: [*-system]` matches both `kube-system` and + /// `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludedNamespaces")] pub excluded_namespaces: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, - /// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. + /// LabelSelector is the combination of two optional fields: `matchLabels` + /// and `matchExpressions`. These two fields provide different methods of + /// selecting or excluding k8s objects based on the label keys and values + /// included in object metadata. All selection expressions from both + /// sections are ANDed to determine if an object meets the cumulative + /// requirements of the selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Name is the name of an object. If defined, it will match against objects with the specified name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. + /// Name is the name of an object. If defined, it will match against objects with the specified + /// name. Name also supports a prefix or suffix glob. For example, `name: pod-*` would match + /// both `pod-a` and `pod-b`, and `name: *-pod` would match both `a-pod` and `b-pod`. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. + /// NamespaceSelector is a label selector against an object's containing + /// namespace or the object itself, if the object is a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// Namespaces is a list of namespace names. If defined, a constraint only applies to resources in a listed namespace. Namespaces also supports a prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both `kube-system` and `gatekeeper-system`. + /// Namespaces is a list of namespace names. If defined, a constraint only + /// applies to resources in a listed namespace. Namespaces also supports a + /// prefix or suffix based glob. For example, `namespaces: [kube-*]` matches both + /// `kube-system` and `kube-public`, and `namespaces: [*-system]` matches both + /// `kube-system` and `gatekeeper-system`. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Scope determines if cluster-scoped and/or namespaced-scoped resources are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) + /// Scope determines if cluster-scoped and/or namespaced-scoped resources + /// are matched. Accepts `*`, `Cluster`, or `Namespaced`. (defaults to `*`) #[serde(default, skip_serializing_if = "Option::is_none")] pub scope: Option, - /// Source determines whether generated or original resources are matched. Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of `Generated` will only match generated resources, while `Original` will only match regular resources. + /// Source determines whether generated or original resources are matched. + /// Accepts `Generated`|`Original`|`All` (defaults to `All`). A value of + /// `Generated` will only match generated resources, while `Original` will only + /// match regular resources. #[serde(default, skip_serializing_if = "Option::is_none")] pub source: Option, } -/// Kinds accepts a list of objects with apiGroups and kinds fields that list the groups/kinds of objects to which the mutation will apply. If multiple groups/kinds objects are specified, only one match is needed for the resource to be in scope. +/// Kinds accepts a list of objects with apiGroups and kinds fields +/// that list the groups/kinds of objects to which the mutation will apply. +/// If multiple groups/kinds objects are specified, +/// only one match is needed for the resource to be in scope. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatchKinds { - /// APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required. + /// APIGroups is the API groups the resources belong to. '*' is all groups. + /// If '*' is present, the length of the slice must be one. + /// Required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroups")] pub api_groups: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub kinds: Option>, } -/// LabelSelector is the combination of two optional fields: `matchLabels` and `matchExpressions`. These two fields provide different methods of selecting or excluding k8s objects based on the label keys and values included in object metadata. All selection expressions from both sections are ANDed to determine if an object meets the cumulative requirements of the selector. +/// LabelSelector is the combination of two optional fields: `matchLabels` +/// and `matchExpressions`. These two fields provide different methods of +/// selecting or excluding k8s objects based on the label keys and values +/// included in object metadata. All selection expressions from both +/// sections are ANDed to determine if an object meets the cumulative +/// requirements of the selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatchLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatchLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// NamespaceSelector is a label selector against an object's containing namespace or the object itself, if the object is a namespace. +/// NamespaceSelector is a label selector against an object's containing +/// namespace or the object itself, if the object is a namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatchNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetMatchNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Match allows the user to limit which resources get mutated. Individual match criteria are AND-ed together. An undefined match criteria matches everything. +/// Match allows the user to limit which resources get mutated. +/// Individual match criteria are AND-ed together. An undefined +/// match criteria matches everything. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ModifySetMatchSource { All, @@ -135,7 +190,8 @@ pub struct ModifySetParameters { /// Operation describes whether values should be merged in ("merge"), or pruned ("prune"). Default value is "merge" #[serde(default, skip_serializing_if = "Option::is_none")] pub operation: Option, - /// PathTests are a series of existence tests that can be checked before a mutation is applied + /// PathTests are a series of existence tests that can be checked + /// before a mutation is applied #[serde(default, skip_serializing_if = "Option::is_none", rename = "pathTests")] pub path_tests: Option>, /// Values describes the values provided to the operation as `values.fromList`. @@ -152,8 +208,17 @@ pub enum ModifySetParametersOperation { Prune, } -/// PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. -/// Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate. +/// PathTest allows the user to customize how the mutation works if parent +/// paths are missing. It traverses the list in order. All sub paths are +/// tested against the provided condition, if the test fails, the mutation is +/// not applied. All `subPath` entries must be a prefix of `location`. Any +/// glob characters will take on the same value as was used to +/// expand the matching glob in `location`. +/// +/// +/// Available Tests: +/// * MustExist - the path must exist or do not mutate +/// * MustNotExist - the path must not exist or do not mutate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetParametersPathTests { /// Condition describes whether the path either MustExist or MustNotExist in the original object @@ -163,8 +228,17 @@ pub struct ModifySetParametersPathTests { pub sub_path: Option, } -/// PathTest allows the user to customize how the mutation works if parent paths are missing. It traverses the list in order. All sub paths are tested against the provided condition, if the test fails, the mutation is not applied. All `subPath` entries must be a prefix of `location`. Any glob characters will take on the same value as was used to expand the matching glob in `location`. -/// Available Tests: * MustExist - the path must exist or do not mutate * MustNotExist - the path must not exist or do not mutate. +/// PathTest allows the user to customize how the mutation works if parent +/// paths are missing. It traverses the list in order. All sub paths are +/// tested against the provided condition, if the test fails, the mutation is +/// not applied. All `subPath` entries must be a prefix of `location`. Any +/// glob characters will take on the same value as was used to +/// expand the matching glob in `location`. +/// +/// +/// Available Tests: +/// * MustExist - the path must exist or do not mutate +/// * MustNotExist - the path must not exist or do not mutate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ModifySetParametersPathTestsCondition { MustExist, @@ -187,7 +261,9 @@ pub struct ModifySetStatusByPod { pub errors: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, - /// Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch + /// Storing the mutator UID allows us to detect drift, such as + /// when a mutator has been recreated after its CRD was deleted + /// out from under it, interrupting the watch #[serde(default, skip_serializing_if = "Option::is_none", rename = "mutatorUID")] pub mutator_uid: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] @@ -200,7 +276,8 @@ pub struct ModifySetStatusByPod { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModifySetStatusByPodErrors { pub message: String, - /// Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type. + /// Type indicates a specific class of error for use by controller code. + /// If not present, the error should be treated as not matching any known type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } diff --git a/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/instrumentations.rs b/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/instrumentations.rs index bdf9f16e4..08c95da8a 100644 --- a/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/instrumentations.rs +++ b/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/instrumentations.rs @@ -7,818 +7,1338 @@ use serde::{Serialize, Deserialize}; use std::collections::BTreeMap; use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; +/// InstrumentationSpec defines the desired state of OpenTelemetry SDK and instrumentation. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "opentelemetry.io", version = "v1alpha1", kind = "Instrumentation", plural = "instrumentations")] #[kube(namespaced)] #[kube(schema = "disabled")] pub struct InstrumentationSpec { + /// ApacheHttpd defines configuration for Apache HTTPD auto-instrumentation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apacheHttpd")] pub apache_httpd: Option, + /// DotNet defines configuration for DotNet auto-instrumentation. #[serde(default, skip_serializing_if = "Option::is_none")] pub dotnet: Option, + /// Env defines common env vars. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// Exporter defines exporter configuration. #[serde(default, skip_serializing_if = "Option::is_none")] pub exporter: Option, + /// Go defines configuration for Go auto-instrumentation. #[serde(default, skip_serializing_if = "Option::is_none")] pub go: Option, + /// Java defines configuration for java auto-instrumentation. #[serde(default, skip_serializing_if = "Option::is_none")] pub java: Option, + /// Nginx defines configuration for Nginx auto-instrumentation. #[serde(default, skip_serializing_if = "Option::is_none")] pub nginx: Option, + /// NodeJS defines configuration for nodejs auto-instrumentation. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodejs: Option, + /// Propagators defines inter-process context propagation configuration. + /// Values in this list will be set in the OTEL_PROPAGATORS env var. + /// Enum=tracecontext;baggage;b3;b3multi;jaeger;xray;ottrace;none #[serde(default, skip_serializing_if = "Option::is_none")] pub propagators: Option>, + /// Python defines configuration for python auto-instrumentation. #[serde(default, skip_serializing_if = "Option::is_none")] pub python: Option, + /// Resource defines the configuration for the resource attributes, as defined by the OpenTelemetry specification. #[serde(default, skip_serializing_if = "Option::is_none")] pub resource: Option, + /// Sampler defines sampling configuration. #[serde(default, skip_serializing_if = "Option::is_none")] pub sampler: Option, } +/// ApacheHttpd defines configuration for Apache HTTPD auto-instrumentation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationApacheHttpd { + /// Attrs defines Apache HTTPD agent specific attributes. The precedence is: + /// `agent default attributes` > `instrument spec attributes` . + /// Attributes are documented at https://github. #[serde(default, skip_serializing_if = "Option::is_none")] pub attrs: Option>, + /// Location of Apache HTTPD server configuration. + /// Needed only if different from default "/usr/local/apache2/conf" #[serde(default, skip_serializing_if = "Option::is_none", rename = "configPath")] pub config_path: Option, + /// Env defines Apache HTTPD specific env vars. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// Image is a container image with Apache SDK and auto-instrumentation. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Resources describes the compute resource requirements. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceRequirements")] pub resource_requirements: Option, + /// Apache HTTPD server version. One of 2.4 or 2.2. Default is 2.4 #[serde(default, skip_serializing_if = "Option::is_none")] pub version: Option, + /// VolumeSizeLimit defines size limit for volume used for auto-instrumentation. + /// The default size is 200Mi. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeLimitSize")] pub volume_limit_size: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationApacheHttpdAttrs { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationApacheHttpdAttrsValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationApacheHttpdAttrsValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationApacheHttpdAttrsValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationApacheHttpdAttrsValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationApacheHttpdAttrsValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationApacheHttpdEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationApacheHttpdEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationApacheHttpdEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationApacheHttpdEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationApacheHttpdEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationApacheHttpdEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Resources describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationApacheHttpdResourceRequirements { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationApacheHttpdResourceRequirementsClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } +/// DotNet defines configuration for DotNet auto-instrumentation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationDotnet { + /// Env defines DotNet specific env vars. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// Image is a container image with DotNet SDK and auto-instrumentation. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Resources describes the compute resource requirements. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceRequirements")] pub resource_requirements: Option, + /// VolumeSizeLimit defines size limit for volume used for auto-instrumentation. + /// The default size is 200Mi. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeLimitSize")] pub volume_limit_size: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationDotnetEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationDotnetEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationDotnetEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationDotnetEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationDotnetEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationDotnetEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Resources describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationDotnetResourceRequirements { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationDotnetResourceRequirementsClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Exporter defines exporter configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationExporter { + /// Endpoint is address of the collector with OTLP endpoint. #[serde(default, skip_serializing_if = "Option::is_none")] pub endpoint: Option, } +/// Go defines configuration for Go auto-instrumentation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationGo { + /// Env defines Go specific env vars. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// Image is a container image with Go SDK and auto-instrumentation. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Resources describes the compute resource requirements. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceRequirements")] pub resource_requirements: Option, + /// VolumeSizeLimit defines size limit for volume used for auto-instrumentation. + /// The default size is 200Mi. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeLimitSize")] pub volume_limit_size: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationGoEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationGoEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationGoEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationGoEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationGoEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationGoEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Resources describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationGoResourceRequirements { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationGoResourceRequirementsClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } +/// Java defines configuration for java auto-instrumentation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationJava { + /// Env defines java specific env vars. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// Image is a container image with javaagent auto-instrumentation JAR. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Resources describes the compute resource requirements. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// VolumeSizeLimit defines size limit for volume used for auto-instrumentation. + /// The default size is 200Mi. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeLimitSize")] pub volume_limit_size: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationJavaEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationJavaEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationJavaEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationJavaEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationJavaEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationJavaEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Resources describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationJavaResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationJavaResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } +/// Nginx defines configuration for Nginx auto-instrumentation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNginx { + /// Attrs defines Nginx agent specific attributes. The precedence order is: + /// `agent default attributes` > `instrument spec attributes` . + /// Attributes are documented at https://github. #[serde(default, skip_serializing_if = "Option::is_none")] pub attrs: Option>, + /// Location of Nginx configuration file. + /// Needed only if different from default "/etx/nginx/nginx.conf" #[serde(default, skip_serializing_if = "Option::is_none", rename = "configFile")] pub config_file: Option, + /// Env defines Nginx specific env vars. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// Image is a container image with Nginx SDK and auto-instrumentation. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Resources describes the compute resource requirements. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceRequirements")] pub resource_requirements: Option, + /// VolumeSizeLimit defines size limit for volume used for auto-instrumentation. + /// The default size is 200Mi. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeLimitSize")] pub volume_limit_size: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNginxAttrs { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNginxAttrsValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNginxAttrsValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNginxAttrsValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNginxAttrsValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNginxAttrsValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNginxEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNginxEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNginxEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNginxEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNginxEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNginxEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Resources describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNginxResourceRequirements { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNginxResourceRequirementsClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } +/// NodeJS defines configuration for nodejs auto-instrumentation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNodejs { + /// Env defines nodejs specific env vars. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// Image is a container image with NodeJS SDK and auto-instrumentation. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Resources describes the compute resource requirements. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceRequirements")] pub resource_requirements: Option, + /// VolumeSizeLimit defines size limit for volume used for auto-instrumentation. + /// The default size is 200Mi. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeLimitSize")] pub volume_limit_size: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNodejsEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNodejsEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNodejsEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNodejsEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNodejsEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNodejsEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Resources describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNodejsResourceRequirements { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationNodejsResourceRequirementsClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } +/// Python defines configuration for python auto-instrumentation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationPython { + /// Env defines python specific env vars. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// Image is a container image with Python SDK and auto-instrumentation. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Resources describes the compute resource requirements. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceRequirements")] pub resource_requirements: Option, + /// VolumeSizeLimit defines size limit for volume used for auto-instrumentation. + /// The default size is 200Mi. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeLimitSize")] pub volume_limit_size: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationPythonEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationPythonEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationPythonEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationPythonEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationPythonEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationPythonEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Resources describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationPythonResourceRequirements { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationPythonResourceRequirementsClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } +/// Resource defines the configuration for the resource attributes, as defined by the OpenTelemetry specification. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationResource { + /// AddK8sUIDAttributes defines whether K8s UID attributes should be collected (e.g. k8s.deployment.uid). #[serde(default, skip_serializing_if = "Option::is_none", rename = "addK8sUIDAttributes")] pub add_k8s_uid_attributes: Option, + /// Attributes defines attributes that are added to the resource. + /// For example environment: dev #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceAttributes")] pub resource_attributes: Option>, } +/// Sampler defines sampling configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationSampler { + /// Argument defines sampler argument. + /// The value depends on the sampler type. + /// For instance for parentbased_traceidratio sampler type it is a number in range [0..1] e.g. 0.25. #[serde(default, skip_serializing_if = "Option::is_none")] pub argument: Option, + /// Type defines sampler type. + /// The value will be set in the OTEL_TRACES_SAMPLER env var. + /// The value can be for instance parentbased_always_on, parentbased_always_off, parentbased_traceidratio... #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } +/// Sampler defines sampling configuration. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum InstrumentationSamplerType { #[serde(rename = "always_on")] @@ -839,6 +1359,7 @@ pub enum InstrumentationSamplerType { Xray, } +/// InstrumentationStatus defines status of the instrumentation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstrumentationStatus { } diff --git a/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opampbridges.rs b/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opampbridges.rs index e115e8183..af15ff3a1 100644 --- a/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opampbridges.rs +++ b/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opampbridges.rs @@ -7,650 +7,1169 @@ use serde::{Serialize, Deserialize}; use std::collections::BTreeMap; use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; +/// OpAMPBridgeSpec defines the desired state of OpAMPBridge. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "opentelemetry.io", version = "v1alpha1", kind = "OpAMPBridge", plural = "opampbridges")] #[kube(namespaced)] #[kube(status = "OpAMPBridgeStatus")] #[kube(schema = "disabled")] pub struct OpAMPBridgeSpec { + /// If specified, indicates the pod's scheduling constraints #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, + /// Capabilities supported by the OpAMP Bridge pub capabilities: BTreeMap, + /// ComponentsAllowed is a list of allowed OpenTelemetry components for each pipeline type (receiver, processor, etc.) #[serde(default, skip_serializing_if = "Option::is_none", rename = "componentsAllowed")] pub components_allowed: Option>, + /// OpAMP backend Server endpoint pub endpoint: String, + /// ENV vars to set on the OpAMPBridge Pods. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// List of sources to populate environment variables on the OpAMPBridge Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, + /// Headers is an optional map of headers to use when connecting to the OpAMP Server, + /// typically used to set access tokens or other authorization headers. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, + /// HostNetwork indicates if the pod should run in the host networking namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostNetwork")] pub host_network: Option, + /// Image indicates the container image to use for the OpAMPBridge. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// ImagePullPolicy indicates the pull policy to be used for retrieving the container image (Always, Never, IfNotPresent) #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + /// NodeSelector to schedule OpAMPBridge pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, + /// PodAnnotations is the set of annotations that will be attached to + /// OpAMPBridge pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAnnotations")] pub pod_annotations: Option>, + /// PodSecurityContext will be set as the pod security context. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSecurityContext")] pub pod_security_context: Option, + /// Ports allows a set of ports to be exposed by the underlying v1.Service. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, + /// If specified, indicates the pod's priority. + /// If not specified, the pod priority will be default or zero if there is no + /// default. #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, + /// Replicas is the number of pod instances for the OpAMPBridge. #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, + /// Resources to set on the OpAMPBridge pods. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// SecurityContext will be set as the container security context. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// ServiceAccount indicates the name of an existing service account to use with this instance. When set, + /// the operator will not automatically create a ServiceAccount for the OpAMPBridge. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, + /// Toleration to schedule OpAMPBridge pods. #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, + /// TopologySpreadConstraints embedded kubernetes pod configuration option, + /// controls how pods are spread across your cluster among failure-domains + /// such as regions, zones, nodes, and other user-defined top #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologySpreadConstraints")] pub topology_spread_constraints: Option>, + /// UpgradeStrategy represents how the operator will handle upgrades to the CR when a newer version of the operator is deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "upgradeStrategy")] pub upgrade_strategy: Option, + /// VolumeMounts represents the mount points to use in the underlying OpAMPBridge deployment(s) #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, + /// Volumes represents which volumes to use in the underlying OpAMPBridge deployment(s). #[serde(default, skip_serializing_if = "Option::is_none")] pub volumes: Option>, } +/// If specified, indicates the pod's scheduling constraints #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinity { + /// Describes node affinity scheduling rules for the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] pub pod_anti_affinity: Option, } +/// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. pub preference: OpAMPBridgeAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. pub weight: i32, } +/// A node selector term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] pub match_fields: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. #[serde(rename = "nodeSelectorTerms")] pub node_selector_terms: Vec, } +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] pub match_fields: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: OpAMPBridgeAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-locate #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: OpAMPBridgeAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-locate #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeEnvFrom { + /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, + /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeEnvFromConfigMapRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeEnvFromSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// PodSecurityContext will be set as the pod security context. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgePodSecurityContext { + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] pub fs_group_change_policy: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for th #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os. #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options within a container's SecurityContext will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgePodSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgePodSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. #[serde(rename = "type")] pub r#type: String, } +/// Sysctl defines a kernel parameter to be set #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgePodSecurityContextSysctls { + /// Name of a property to set pub name: String, + /// Value of a property to set pub value: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options within a container's SecurityContext will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgePodSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// ServicePort contains information on service's port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgePorts { + /// The application protocol for this port. + /// This is used as a hint for implementations to offer richer behavior for protocols that they understand. + /// This field follows standard Kubernetes label syntax. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appProtocol")] pub app_protocol: Option, + /// The name of this port within the service. This must be a DNS_LABEL. + /// All ports within a ServiceSpec must have unique names. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// The port on each node on which this service is exposed when type is + /// NodePort or LoadBalancer. Usually assigned by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePort")] pub node_port: Option, + /// The port that will be exposed by this service. pub port: i32, + /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". + /// Default is TCP. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, + /// Number or name of the port to access on the pods targeted by the service. + /// Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPort")] pub target_port: Option, } +/// Resources to set on the OpAMPBridge pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } +/// SecurityContext will be set as the container security context. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeSecurityContext { + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeSecurityContextCapabilities { + /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, + /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. #[serde(rename = "type")] pub r#type: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } +/// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeTopologySpreadConstraints { + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, + /// MaxSkew describes the degree to which pods may be unevenly distributed. #[serde(rename = "maxSkew")] pub max_skew: i32, + /// MinDomains indicates a minimum number of eligible domains. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. #[serde(rename = "topologyKey")] pub topology_key: String, + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeTopologySpreadConstraintsLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeTopologySpreadConstraintsLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// OpAMPBridgeSpec defines the desired state of OpAMPBridge. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum OpAMPBridgeUpgradeStrategy { #[serde(rename = "automatic")] @@ -659,257 +1178,462 @@ pub enum OpAMPBridgeUpgradeStrategy { None, } +/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumeMounts { + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, + /// This must match the Name of a Volume. pub name: String, + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, + /// Expanded path within the volume from which the container's volume should be mounted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } +/// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumes { + /// awsElasticBlockStore represents an AWS Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, + /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, + /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, + /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, + /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, + /// downwardAPI represents downward API about the pod that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, + /// emptyDir represents a temporary directory that shares a pod's lifetime. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, + /// ephemeral represents a volume that is handled by a cluster storage driver. #[serde(default, skip_serializing_if = "Option::is_none")] pub ephemeral: Option, + /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub fc: Option, + /// flexVolume represents a generic volume resource that is + /// provisioned/attached using an exec based plugin. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, + /// gcePersistentDisk represents a GCE Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, + /// gitRepo represents a git repository at a particular revision. + /// DEPRECATED: GitRepo is deprecated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, + /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, + /// hostPath represents a pre-existing file or directory on the host + /// machine that is directly exposed to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, + /// iscsi represents an ISCSI Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://examples.k8s.io/volumes/iscsi/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, + /// name of the volume. + /// Must be a DNS_LABEL and unique within the pod. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, + /// nfs represents an NFS mount on the host that shares a pod's lifetime + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none")] pub nfs: Option, + /// persistentVolumeClaimVolumeSource represents a reference to a + /// PersistentVolumeClaim in the same namespace. + /// More info: https://kubernetes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, + /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, + /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, + /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, + /// secret represents a secret that should populate this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, + /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } +/// awsElasticBlockStore represents an AWS Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesAwsElasticBlockStore { + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, + /// readOnly value true will force the readOnly setting in VolumeMounts. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(rename = "volumeID")] pub volume_id: String, } +/// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesAzureDisk { + /// cachingMode is the Host Caching mode: None, Read Only, Read Write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cachingMode")] pub caching_mode: Option, + /// diskName is the Name of the data disk in the blob storage #[serde(rename = "diskName")] pub disk_name: String, + /// diskURI is the URI of data disk in the blob storage #[serde(rename = "diskURI")] pub disk_uri: String, + /// fsType is Filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } +/// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesAzureFile { + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretName is the name of secret that contains Azure Storage Account Name and Key #[serde(rename = "secretName")] pub secret_name: String, + /// shareName is the azure share Name #[serde(rename = "shareName")] pub share_name: String, } +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesCephfs { + /// monitors is Required: Monitors is a collection of Ceph monitors + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it pub monitors: Vec, + /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] pub secret_file: Option, + /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// user is optional: User is the rados user name, default is admin + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. +/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesCephfsSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesCinder { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef is optional: points to a secret object containing parameters used to connect + /// to OpenStack. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// volumeID used to identify the volume in cinder. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(rename = "volumeID")] pub volume_id: String, } +/// secretRef is optional: points to a secret object containing parameters used to connect +/// to OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesCinderSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// configMap represents a configMap that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesConfigMap { + /// defaultMode is optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// optional specify whether the ConfigMap or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesConfigMapItems { + /// key is the key to project. pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesCsi { + /// driver is the name of the CSI driver that handles this volume. + /// Consult with your admin for the correct name as registered in the cluster. pub driver: String, + /// fsType to mount. Ex. "ext4", "xfs", "ntfs". + /// If not provided, the empty value is passed to the associated CSI driver + /// which will determine the default filesystem to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// nodePublishSecretRef is a reference to the secret object containing + /// sensitive information to pass to the CSI driver to complete the CSI + /// NodePublishVolume and NodeUnpublishVolume calls. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] pub node_publish_secret_ref: Option, + /// readOnly specifies a read-only configuration for the volume. + /// Defaults to false (read/write). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// volumeAttributes stores driver-specific properties that are passed to the CSI + /// driver. Consult your driver's documentation for supported values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] pub volume_attributes: Option>, } +/// nodePublishSecretRef is a reference to the secret object containing +/// sensitive information to pass to the CSI driver to complete the CSI +/// NodePublishVolume and NodeUnpublishVolume calls. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesCsiNodePublishSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// downwardAPI represents downward API about the pod that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesDownwardApi { + /// Optional: mode bits to use on created files by default. Must be a + /// Optional: mode bits used to set permissions on created files by default. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, + /// Items is a list of downward API volume file #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, } +/// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesDownwardApiItems { + /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } +/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesDownwardApiItemsFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesDownwardApiItemsResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// emptyDir represents a temporary directory that shares a pod's lifetime. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesEmptyDir { + /// medium represents what type of storage medium should back this directory. + /// The default is "" which means to use the node's default medium. + /// Must be an empty string (default) or Memory. #[serde(default, skip_serializing_if = "Option::is_none")] pub medium: Option, + /// sizeLimit is the total amount of local storage required for this EmptyDir volume. + /// The size limit is also applicable for memory medium. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } +/// ephemeral represents a volume that is handled by a cluster storage driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesEphemeral { + /// Will be used to create a stand-alone PVC to provision the volume. + /// The pod in which this EphemeralVolumeSource is embedded will be the + /// owner of the PVC, i.e. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, } +/// Will be used to create a stand-alone PVC to provision the volume. +/// The pod in which this EphemeralVolumeSource is embedded will be the +/// owner of the PVC, i.e. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesEphemeralVolumeClaimTemplate { + /// May contain labels and annotations that will be copied into the PVC + /// when creating it. No other fields are allowed and will be rejected during + /// validation. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, + /// The specification for the PersistentVolumeClaim. The entire content is + /// copied unchanged into the PVC that gets created from this + /// template. pub spec: OpAMPBridgeVolumesEphemeralVolumeClaimTemplateSpec, } +/// May contain labels and annotations that will be copied into the PVC +/// when creating it. No other fields are allowed and will be rejected during +/// validation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesEphemeralVolumeClaimTemplateMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -924,461 +1648,845 @@ pub struct OpAMPBridgeVolumesEphemeralVolumeClaimTemplateMetadata { pub namespace: Option, } +/// The specification for the PersistentVolumeClaim. The entire content is +/// copied unchanged into the PVC that gets created from this +/// template. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesEphemeralVolumeClaimTemplateSpec { + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, + /// resources represents the minimum resources the volume should have. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, + /// volumeName is the binding reference to the PersistentVolume backing this claim. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesEphemeralVolumeClaimTemplateSpecDataSource { + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, + /// Kind is the type of resource being referenced pub kind: String, + /// Name is the name of resource being referenced pub name: String, } +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, + /// Kind is the type of resource being referenced pub kind: String, + /// Name is the name of resource being referenced pub name: String, + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } +/// resources represents the minimum resources the volume should have. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesEphemeralVolumeClaimTemplateSpecResources { + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesEphemeralVolumeClaimTemplateSpecSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesFc { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// lun is Optional: FC target lun number #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// targetWWNs is Optional: FC target worldwide names (WWNs) #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] pub target_ww_ns: Option>, + /// wwids Optional: FC volume world wide identifiers (wwids) + /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. #[serde(default, skip_serializing_if = "Option::is_none")] pub wwids: Option>, } +/// flexVolume represents a generic volume resource that is +/// provisioned/attached using an exec based plugin. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesFlexVolume { + /// driver is the name of the driver to use for this volume. pub driver: String, + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// options is Optional: this field holds extra command options if any. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, + /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef is Optional: secretRef is reference to the secret object containing + /// sensitive information to pass to the plugin scripts. This may be + /// empty if no secret object is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// secretRef is Optional: secretRef is reference to the secret object containing +/// sensitive information to pass to the plugin scripts. This may be +/// empty if no secret object is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesFlexVolumeSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesFlocker { + /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + /// should be considered as deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] pub dataset_name: Option, + /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetUUID")] pub dataset_uuid: Option, } +/// gcePersistentDisk represents a GCE Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesGcePersistentDisk { + /// fsType is filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, + /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(rename = "pdName")] pub pd_name: String, + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } +/// gitRepo represents a git repository at a particular revision. +/// DEPRECATED: GitRepo is deprecated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesGitRepo { + /// directory is the target directory name. + /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + /// git repository. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, + /// repository is the URL pub repository: String, + /// revision is the commit hash for the specified revision. #[serde(default, skip_serializing_if = "Option::is_none")] pub revision: Option, } +/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesGlusterfs { + /// endpoints is the endpoint name that details Glusterfs topology. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub endpoints: String, + /// path is the Glusterfs volume path. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub path: String, + /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } +/// hostPath represents a pre-existing file or directory on the host +/// machine that is directly exposed to the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesHostPath { + /// path of the directory on the host. + /// If the path is a symlink, it will follow the link to the real path. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath pub path: String, + /// type for HostPath Volume + /// Defaults to "" + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } +/// iscsi represents an ISCSI Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://examples.k8s.io/volumes/iscsi/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesIscsi { + /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthDiscovery")] pub chap_auth_discovery: Option, + /// chapAuthSession defines whether support iSCSI Session CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] pub chap_auth_session: Option, + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// initiatorName is the custom iSCSI Initiator Name. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] pub initiator_name: Option, + /// iqn is the target iSCSI Qualified Name. pub iqn: String, + /// iscsiInterface is the interface Name that uses an iSCSI transport. + /// Defaults to 'default' (tcp). #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] pub iscsi_interface: Option, + /// lun represents iSCSI Target Lun number. pub lun: i32, + /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(default, skip_serializing_if = "Option::is_none")] pub portals: Option>, + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(rename = "targetPortal")] pub target_portal: String, } +/// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesIscsiSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// nfs represents an NFS mount on the host that shares a pod's lifetime +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesNfs { + /// path that is exported by the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub path: String, + /// readOnly here will force the NFS export to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// server is the hostname or IP address of the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub server: String, } +/// persistentVolumeClaimVolumeSource represents a reference to a +/// PersistentVolumeClaim in the same namespace. +/// More info: https://kubernetes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesPersistentVolumeClaim { + /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(rename = "claimName")] pub claim_name: String, + /// readOnly Will force the ReadOnly setting in VolumeMounts. + /// Default false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesPhotonPersistentDisk { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// pdID is the ID that identifies Photon Controller persistent disk #[serde(rename = "pdID")] pub pd_id: String, } +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesPortworxVolume { + /// fSType represents the filesystem type to mount + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// volumeID uniquely identifies a Portworx volume #[serde(rename = "volumeID")] pub volume_id: String, } +/// projected items for all in one resources secrets, configmaps, and downward API #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesProjected { + /// defaultMode are the mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, + /// sources is the list of volume projections #[serde(default, skip_serializing_if = "Option::is_none")] pub sources: Option>, } +/// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] pub cluster_trust_bundle: Option, + /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// downwardAPI information about the downwardAPI data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, + /// secret information about the secret data to project #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, + /// serviceAccountToken is information about the serviceAccountToken data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountToken")] pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, + /// Relative path from the volume root to write the bundle. pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] pub signer_name: Option, } +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesProjectedSourcesConfigMap { + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// optional specify whether the ConfigMap or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesProjectedSourcesConfigMapItems { + /// key is the key to project. pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } +/// downwardAPI information about the downwardAPI data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesProjectedSourcesDownwardApi { + /// Items is a list of DownwardAPIVolume file #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, } +/// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesProjectedSourcesDownwardApiItems { + /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } +/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesProjectedSourcesDownwardApiItemsFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesProjectedSourcesSecret { + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// optional field specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesProjectedSourcesSecretItems { + /// key is the key to project. pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } +/// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesProjectedSourcesServiceAccountToken { + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesQuobyte { + /// group to map volume access to + /// Default is no group #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, + /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// registry represents a single or multiple Quobyte Registry services + /// specified as a string as host:port pair (multiple entries are separated with commas) + /// which acts as the central registry for volumes pub registry: String, + /// tenant owning the given Quobyte volume in the Backend + /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin #[serde(default, skip_serializing_if = "Option::is_none")] pub tenant: Option, + /// user to map volume access to + /// Defaults to serivceaccount user #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, + /// volume is a string that references an already created Quobyte volume by name. pub volume: String, } +/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesRbd { + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// image is the rados image name. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub image: String, + /// keyring is the path to key ring for RBDUser. + /// Default is /etc/ceph/keyring. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub keyring: Option, + /// monitors is a collection of Ceph monitors. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub monitors: Vec, + /// pool is the rados pool name. + /// Default is rbd. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub pool: Option, + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef is name of the authentication secret for RBDUser. If provided + /// overrides keyring. + /// Default is nil. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// user is the rados user name. + /// Default is admin. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// secretRef is name of the authentication secret for RBDUser. If provided +/// overrides keyring. +/// Default is nil. +/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesRbdSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesScaleIo { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". + /// Default is "xfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// gateway is the host address of the ScaleIO API Gateway. pub gateway: String, + /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] pub protection_domain: Option, + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef references to the secret for ScaleIO user and other + /// sensitive information. If this is not provided, Login operation will fail. #[serde(rename = "secretRef")] pub secret_ref: OpAMPBridgeVolumesScaleIoSecretRef, + /// sslEnabled Flag enable/disable SSL communication with Gateway, default false #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] pub ssl_enabled: Option, + /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + /// Default is ThinProvisioned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] pub storage_mode: Option, + /// storagePool is the ScaleIO Storage Pool associated with the protection domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePool")] pub storage_pool: Option, + /// system is the name of the storage system as configured in ScaleIO. pub system: String, + /// volumeName is the name of a volume already created in the ScaleIO system + /// that is associated with this volume source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } +/// secretRef references to the secret for ScaleIO user and other +/// sensitive information. If this is not provided, Login operation will fail. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesScaleIoSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// secret represents a secret that should populate this volume. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesSecret { + /// defaultMode is Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, + /// items If unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, + /// optional field specify whether the Secret or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, + /// secretName is the name of the secret in the pod's namespace to use. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } +/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesSecretItems { + /// key is the key to project. pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } +/// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesStorageos { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef specifies the secret to use for obtaining the StorageOS API + /// credentials. If not specified, default values will be attempted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// volumeName is the human-readable name of the StorageOS volume. Volume + /// names are only unique within a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, + /// volumeNamespace specifies the scope of the volume within StorageOS. If no + /// namespace is specified then the Pod's namespace will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] pub volume_namespace: Option, } +/// secretRef specifies the secret to use for obtaining the StorageOS API +/// credentials. If not specified, default values will be attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesStorageosSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeVolumesVsphereVolume { + /// fsType is filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyID")] pub storage_policy_id: Option, + /// storagePolicyName is the storage Policy Based Management (SPBM) profile name. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyName")] pub storage_policy_name: Option, + /// volumePath is the path that identifies vSphere volume vmdk #[serde(rename = "volumePath")] pub volume_path: String, } +/// OpAMPBridgeStatus defines the observed state of OpAMPBridge. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpAMPBridgeStatus { + /// Version of the managed OpAMP Bridge (operand) #[serde(default, skip_serializing_if = "Option::is_none")] pub version: Option, } diff --git a/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opentelemetrycollectors.rs b/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opentelemetrycollectors.rs index 2d229c428..d3e11d514 100644 --- a/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opentelemetrycollectors.rs +++ b/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opentelemetrycollectors.rs @@ -8,1056 +8,1882 @@ use std::collections::BTreeMap; use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; +/// OpenTelemetryCollectorSpec defines the desired state of OpenTelemetryCollector. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "opentelemetry.io", version = "v1alpha1", kind = "OpenTelemetryCollector", plural = "opentelemetrycollectors")] #[kube(namespaced)] #[kube(status = "OpenTelemetryCollectorStatus")] #[kube(schema = "disabled")] pub struct OpenTelemetryCollectorSpec { + /// AdditionalContainers allows injecting additional containers into the Collector's pod definition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "additionalContainers")] pub additional_containers: Option>, + /// If specified, indicates the pod's scheduling constraints #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, + /// Args is the set of arguments to pass to the OpenTelemetry Collector binary #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, + /// Autoscaler specifies the pod autoscaling configuration to use + /// for the OpenTelemetryCollector workload. #[serde(default, skip_serializing_if = "Option::is_none")] pub autoscaler: Option, + /// Config is the raw JSON to be used as the collector's configuration. Refer to the OpenTelemetry Collector documentation for details. #[serde(default, skip_serializing_if = "Option::is_none")] pub config: Option, + /// ConfigMaps is a list of ConfigMaps in the same namespace as the OpenTelemetryCollector + /// object, which shall be mounted into the Collector Pods. #[serde(default, skip_serializing_if = "Option::is_none")] pub configmaps: Option>, + /// UpdateStrategy represents the strategy the operator will take replacing existing Deployment pods with new pods + /// https://kubernetes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deploymentUpdateStrategy")] pub deployment_update_strategy: Option, + /// ENV vars to set on the OpenTelemetry Collector's Pods. These can then in certain cases be + /// consumed in the config file for the Collector. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// List of sources to populate environment variables on the OpenTelemetry Collector's Pods. + /// These can then in certain cases be consumed in the config file for the Collector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, + /// HostNetwork indicates if the pod should run in the host networking namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostNetwork")] pub host_network: Option, + /// Image indicates the container image to use for the OpenTelemetry Collector. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// ImagePullPolicy indicates the pull policy to be used for retrieving the container image (Always, Never, IfNotPresent) #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + /// Ingress is used to specify how OpenTelemetry Collector is exposed. This + /// functionality is only available if one of the valid modes is set. + /// Valid modes are: deployment, daemonset and statefulset. #[serde(default, skip_serializing_if = "Option::is_none")] pub ingress: Option, + /// InitContainers allows injecting initContainers to the Collector's pod definition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initContainers")] pub init_containers: Option>, + /// Actions that the management system should take in response to container lifecycle events. Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, + /// Liveness config for the OpenTelemetry Collector except the probe handler which is auto generated from the health extension of the collector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, + /// ManagementState defines if the CR should be managed by the operator or not. + /// Default is managed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "managementState")] pub management_state: Option, + /// MaxReplicas sets an upper bound to the autoscaling feature. If MaxReplicas is set autoscaling is enabled. + /// Deprecated: use "OpenTelemetryCollector.Spec.Autoscaler.MaxReplicas" instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxReplicas")] pub max_replicas: Option, + /// MinReplicas sets a lower bound to the autoscaling feature. Set this if you are using autoscaling. It must be at least 1 + /// Deprecated: use "OpenTelemetryCollector.Spec.Autoscaler.MinReplicas" instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minReplicas")] pub min_replicas: Option, + /// Mode represents how the collector should be deployed (deployment, daemonset, statefulset or sidecar) #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// NodeSelector to schedule OpenTelemetry Collector pods. + /// This is only relevant to daemonset, statefulset, and deployment mode #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, + /// ObservabilitySpec defines how telemetry data gets handled. #[serde(default, skip_serializing_if = "Option::is_none")] pub observability: Option, + /// PodAnnotations is the set of annotations that will be attached to + /// Collector and Target Allocator pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAnnotations")] pub pod_annotations: Option>, + /// PodDisruptionBudget specifies the pod disruption budget configuration to use + /// for the OpenTelemetryCollector workload. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podDisruptionBudget")] pub pod_disruption_budget: Option, + /// PodSecurityContext configures the pod security context for the + /// opentelemetry-collector pod, when running as a deployment, daemonset, + /// or statefulset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSecurityContext")] pub pod_security_context: Option, + /// Ports allows a set of ports to be exposed by the underlying v1.Service. By default, the operator + /// will attempt to infer the required ports by parsing the .Spec. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, + /// If specified, indicates the pod's priority. + /// If not specified, the pod priority will be default or zero if there is no + /// default. #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, + /// Replicas is the number of pod instances for the underlying OpenTelemetry Collector. Set this if your are not using autoscaling #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, + /// Resources to set on the OpenTelemetry Collector pods. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// SecurityContext configures the container security context for + /// the opentelemetry-collector container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// ServiceAccount indicates the name of an existing service account to use with this instance. When set, + /// the operator will not automatically create a ServiceAccount for the collector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, + /// ShareProcessNamespace indicates if the pod's containers should share process namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "shareProcessNamespace")] pub share_process_namespace: Option, + /// TargetAllocator indicates a value which determines whether to spawn a target allocation resource or not. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetAllocator")] pub target_allocator: Option, + /// Duration in seconds the pod needs to terminate gracefully upon probe failure. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, + /// Toleration to schedule OpenTelemetry Collector pods. + /// This is only relevant to daemonset, statefulset, and deployment mode #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, + /// TopologySpreadConstraints embedded kubernetes pod configuration option, + /// controls how pods are spread across your cluster among failure-domains + /// such as regions, zones, nodes, and other user-defined top #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologySpreadConstraints")] pub topology_spread_constraints: Option>, + /// UpdateStrategy represents the strategy the operator will take replacing existing DaemonSet pods with new pods + /// https://kubernetes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStrategy")] pub update_strategy: Option, + /// UpgradeStrategy represents how the operator will handle upgrades to the CR when a newer version of the operator is deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "upgradeStrategy")] pub upgrade_strategy: Option, + /// VolumeClaimTemplates will provide stable storage using PersistentVolumes. Only available when the mode=statefulset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplates")] pub volume_claim_templates: Option>, + /// VolumeMounts represents the mount points to use in the underlying collector deployment(s) #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, + /// Volumes represents which volumes to use in the underlying collector deployment(s). #[serde(default, skip_serializing_if = "Option::is_none")] pub volumes: Option>, } +/// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainers { + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, + /// Container image name. + /// More info: https://kubernetes. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, + /// Resources resize policy for the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] pub resize_policy: Option>, + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, + /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersEnvFrom { + /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, + /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersEnvFromConfigMapRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersEnvFromSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLifecycle { + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLifecyclePostStart { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLifecyclePostStartExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLifecyclePostStartHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLifecyclePostStartHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. pub seconds: i64, } +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLifecyclePostStartTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLifecyclePreStop { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLifecyclePreStopExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLifecyclePreStopHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLifecyclePreStopHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. pub seconds: i64, } +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLifecyclePreStopTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLivenessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLivenessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLivenessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLivenessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLivenessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersLivenessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersPorts { + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, + /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersReadinessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersReadinessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersReadinessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersReadinessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersReadinessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersReadinessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerResizePolicy represents resource resize policy for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersResizePolicy { + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. #[serde(rename = "resourceName")] pub resource_name: String, + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. #[serde(rename = "restartPolicy")] pub restart_policy: String, } +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersSecurityContext { + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersSecurityContextCapabilities { + /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, + /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. #[serde(rename = "type")] pub r#type: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersStartupProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersStartupProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersStartupProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersStartupProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersStartupProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersStartupProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// volumeDevice describes a mapping of a raw block device within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersVolumeDevices { + /// devicePath is the path inside of the container that the device will be mapped to. #[serde(rename = "devicePath")] pub device_path: String, + /// name must match the name of a persistentVolumeClaim in the pod pub name: String, } +/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAdditionalContainersVolumeMounts { + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, + /// This must match the Name of a Volume. pub name: String, + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, + /// Expanded path within the volume from which the container's volume should be mounted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } +/// If specified, indicates the pod's scheduling constraints #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinity { + /// Describes node affinity scheduling rules for the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] pub pod_anti_affinity: Option, } +/// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. pub preference: OpenTelemetryCollectorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. pub weight: i32, } +/// A node selector term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] pub match_fields: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. #[serde(rename = "nodeSelectorTerms")] pub node_selector_terms: Vec, } +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] pub match_fields: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: OpenTelemetryCollectorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-locate #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: OpenTelemetryCollectorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-locate #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Autoscaler specifies the pod autoscaling configuration to use +/// for the OpenTelemetryCollector workload. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAutoscaler { + /// HorizontalPodAutoscalerBehavior configures the scaling behavior of the target + /// in both Up and Down directions (scaleUp and scaleDown fields respectively). #[serde(default, skip_serializing_if = "Option::is_none")] pub behavior: Option, + /// MaxReplicas sets an upper bound to the autoscaling feature. If MaxReplicas is set autoscaling is enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxReplicas")] pub max_replicas: Option, + /// Metrics is meant to provide a customizable way to configure HPA metrics. + /// currently the only supported custom metrics is type=Pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub metrics: Option>, + /// MinReplicas sets a lower bound to the autoscaling feature. Set this if your are using autoscaling. It must be at least 1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "minReplicas")] pub min_replicas: Option, + /// TargetCPUUtilization sets the target average CPU used across all replicas. + /// If average CPU exceeds this value, the HPA will scale up. Defaults to 90 percent. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetCPUUtilization")] pub target_cpu_utilization: Option, + /// TargetMemoryUtilization sets the target average memory utilization across all replicas #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetMemoryUtilization")] pub target_memory_utilization: Option, } +/// HorizontalPodAutoscalerBehavior configures the scaling behavior of the target +/// in both Up and Down directions (scaleUp and scaleDown fields respectively). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAutoscalerBehavior { + /// scaleDown is scaling policy for scaling Down. + /// If not set, the default value is to allow to scale down to minReplicas pods, with a + /// 300 second stabilization window (i.e. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleDown")] pub scale_down: Option, + /// scaleUp is scaling policy for scaling Up. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleUp")] pub scale_up: Option, } +/// scaleDown is scaling policy for scaling Down. +/// If not set, the default value is to allow to scale down to minReplicas pods, with a +/// 300 second stabilization window (i.e. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAutoscalerBehaviorScaleDown { + /// policies is a list of potential scaling polices which can be used during scaling. + /// At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid #[serde(default, skip_serializing_if = "Option::is_none")] pub policies: Option>, + /// selectPolicy is used to specify which policy should be used. + /// If not set, the default value Max is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "selectPolicy")] pub select_policy: Option, + /// stabilizationWindowSeconds is the number of seconds for which past recommendations should be + /// considered while scaling up or scaling down. #[serde(default, skip_serializing_if = "Option::is_none", rename = "stabilizationWindowSeconds")] pub stabilization_window_seconds: Option, } +/// HPAScalingPolicy is a single policy which must hold true for a specified past interval. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAutoscalerBehaviorScaleDownPolicies { + /// periodSeconds specifies the window of time for which the policy should hold true. + /// PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min). #[serde(rename = "periodSeconds")] pub period_seconds: i32, + /// type is used to specify the scaling policy. #[serde(rename = "type")] pub r#type: String, + /// value contains the amount of change which is permitted by the policy. + /// It must be greater than zero pub value: i32, } +/// scaleUp is scaling policy for scaling Up. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAutoscalerBehaviorScaleUp { + /// policies is a list of potential scaling polices which can be used during scaling. + /// At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid #[serde(default, skip_serializing_if = "Option::is_none")] pub policies: Option>, + /// selectPolicy is used to specify which policy should be used. + /// If not set, the default value Max is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "selectPolicy")] pub select_policy: Option, + /// stabilizationWindowSeconds is the number of seconds for which past recommendations should be + /// considered while scaling up or scaling down. #[serde(default, skip_serializing_if = "Option::is_none", rename = "stabilizationWindowSeconds")] pub stabilization_window_seconds: Option, } +/// HPAScalingPolicy is a single policy which must hold true for a specified past interval. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAutoscalerBehaviorScaleUpPolicies { + /// periodSeconds specifies the window of time for which the policy should hold true. + /// PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min). #[serde(rename = "periodSeconds")] pub period_seconds: i32, + /// type is used to specify the scaling policy. #[serde(rename = "type")] pub r#type: String, + /// value contains the amount of change which is permitted by the policy. + /// It must be greater than zero pub value: i32, } +/// MetricSpec defines a subset of metrics to be defined for the HPA's metric array +/// more metric type can be supported as needed. +/// See https://pkg.go.dev/k8s.io/api/autoscaling/v2#MetricSpec for reference. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAutoscalerMetrics { + /// PodsMetricSource indicates how to scale on a metric describing each pod in + /// the current scale target (for example, transactions-processed-per-second). #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option, + /// MetricSourceType indicates the type of metric. #[serde(rename = "type")] pub r#type: String, } +/// PodsMetricSource indicates how to scale on a metric describing each pod in +/// the current scale target (for example, transactions-processed-per-second). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAutoscalerMetricsPods { + /// metric identifies the target metric by name and selector pub metric: OpenTelemetryCollectorAutoscalerMetricsPodsMetric, + /// target specifies the target value for the given metric pub target: OpenTelemetryCollectorAutoscalerMetricsPodsTarget, } +/// metric identifies the target metric by name and selector #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAutoscalerMetricsPodsMetric { + /// name is the name of the given metric pub name: String, + /// selector is the string-encoded form of a standard kubernetes label selector for the given metric + /// When set, it is passed as an additional parameter to the metrics server for more specific metrics scopi #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, } +/// selector is the string-encoded form of a standard kubernetes label selector for the given metric +/// When set, it is passed as an additional parameter to the metrics server for more specific metrics scopi #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAutoscalerMetricsPodsMetricSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAutoscalerMetricsPodsMetricSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// target specifies the target value for the given metric #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorAutoscalerMetricsPodsTarget { + /// averageUtilization is the target value of the average of the + /// resource metric across all relevant pods, represented as a percentage of + /// the requested value of the resource for the pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "averageUtilization")] pub average_utilization: Option, + /// averageValue is the target value of the average of the + /// metric across all relevant pods (as a quantity) #[serde(default, skip_serializing_if = "Option::is_none", rename = "averageValue")] pub average_value: Option, + /// type represents whether the metric type is Utilization, Value, or AverageValue #[serde(rename = "type")] pub r#type: String, + /// value is the target value of the metric (as a quantity). #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -1065,131 +1891,219 @@ pub struct OpenTelemetryCollectorAutoscalerMetricsPodsTarget { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorConfigmaps { pub mountpath: String, + /// Configmap defines name and path where the configMaps should be mounted. pub name: String, } +/// UpdateStrategy represents the strategy the operator will take replacing existing Deployment pods with new pods +/// https://kubernetes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorDeploymentUpdateStrategy { + /// Rolling update config params. Present only if DeploymentStrategyType = + /// RollingUpdate. + /// --- + /// TODO: Update this to follow our convention for oneOf, whatever we decide it + /// to be. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, + /// Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } +/// Rolling update config params. Present only if DeploymentStrategyType = +/// RollingUpdate. +/// --- +/// TODO: Update this to follow our convention for oneOf, whatever we decide it +/// to be. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorDeploymentUpdateStrategyRollingUpdate { + /// The maximum number of pods that can be scheduled above the desired number of + /// pods. + /// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxSurge")] pub max_surge: Option, + /// The maximum number of pods that can be unavailable during the update. + /// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] pub max_unavailable: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorEnvFrom { + /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, + /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorEnvFromConfigMapRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorEnvFromSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Ingress is used to specify how OpenTelemetry Collector is exposed. This +/// functionality is only available if one of the valid modes is set. +/// Valid modes are: deployment, daemonset and statefulset. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorIngress { + /// Annotations to add to ingress. + /// e.g. 'cert-manager.io/cluster-issuer: "letsencrypt"' #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, + /// Hostname by which the ingress proxy can be reached. #[serde(default, skip_serializing_if = "Option::is_none")] pub hostname: Option, + /// IngressClassName is the name of an IngressClass cluster resource. Ingress + /// controller implementations use this field to know whether they should be + /// serving this Ingress resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressClassName")] pub ingress_class_name: Option, + /// Route is an OpenShift specific section that is only considered when + /// type "route" is used. #[serde(default, skip_serializing_if = "Option::is_none")] pub route: Option, + /// RuleType defines how Ingress exposes collector receivers. + /// IngressRuleTypePath ("path") exposes each receiver port on a unique path on single domain defined in Hostname. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ruleType")] pub rule_type: Option, + /// TLS configuration. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option>, + /// Type default value is: "" + /// Supported types are: ingress, route #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } +/// Route is an OpenShift specific section that is only considered when +/// type "route" is used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorIngressRoute { + /// Termination indicates termination type. By default "edge" is used. #[serde(default, skip_serializing_if = "Option::is_none")] pub termination: Option, } +/// Route is an OpenShift specific section that is only considered when +/// type "route" is used. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum OpenTelemetryCollectorIngressRouteTermination { #[serde(rename = "insecure")] @@ -1202,6 +2116,9 @@ pub enum OpenTelemetryCollectorIngressRouteTermination { Reencrypt, } +/// Ingress is used to specify how OpenTelemetry Collector is exposed. This +/// functionality is only available if one of the valid modes is set. +/// Valid modes are: deployment, daemonset and statefulset. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum OpenTelemetryCollectorIngressRuleType { #[serde(rename = "path")] @@ -1210,14 +2127,23 @@ pub enum OpenTelemetryCollectorIngressRuleType { Subdomain, } +/// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorIngressTls { + /// hosts is a list of hosts included in the TLS certificate. The values in + /// this list must match the name/s used in the tlsSecret. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, + /// secretName is the name of the secret used to terminate TLS traffic on + /// port 443. Field is left optional to allow TLS routing based on SNI + /// hostname alone. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } +/// Ingress is used to specify how OpenTelemetry Collector is exposed. This +/// functionality is only available if one of the valid modes is set. +/// Valid modes are: deployment, daemonset and statefulset. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum OpenTelemetryCollectorIngressType { #[serde(rename = "ingress")] @@ -1226,681 +2152,1201 @@ pub enum OpenTelemetryCollectorIngressType { Route, } +/// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainers { + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, + /// Container image name. + /// More info: https://kubernetes. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, + /// Resources resize policy for the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] pub resize_policy: Option>, + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, + /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersEnvFrom { + /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, + /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersEnvFromConfigMapRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersEnvFromSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLifecycle { + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLifecyclePostStart { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLifecyclePostStartExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLifecyclePostStartHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLifecyclePostStartHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. pub seconds: i64, } +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLifecyclePostStartTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLifecyclePreStop { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLifecyclePreStopExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLifecyclePreStopHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLifecyclePreStopHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. pub seconds: i64, } +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLifecyclePreStopTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLivenessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLivenessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLivenessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLivenessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLivenessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersLivenessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersPorts { + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, + /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersReadinessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersReadinessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersReadinessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersReadinessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersReadinessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersReadinessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerResizePolicy represents resource resize policy for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersResizePolicy { + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. #[serde(rename = "resourceName")] pub resource_name: String, + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. #[serde(rename = "restartPolicy")] pub restart_policy: String, } +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersSecurityContext { + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersSecurityContextCapabilities { + /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, + /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. #[serde(rename = "type")] pub r#type: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersStartupProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersStartupProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersStartupProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersStartupProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersStartupProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersStartupProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// volumeDevice describes a mapping of a raw block device within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersVolumeDevices { + /// devicePath is the path inside of the container that the device will be mapped to. #[serde(rename = "devicePath")] pub device_path: String, + /// name must match the name of a persistentVolumeClaim in the pod pub name: String, } +/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorInitContainersVolumeMounts { + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, + /// This must match the Name of a Volume. pub name: String, + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, + /// Expanded path within the volume from which the container's volume should be mounted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } +/// Actions that the management system should take in response to container lifecycle events. Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorLifecycle { + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorLifecyclePostStart { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorLifecyclePostStartExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorLifecyclePostStartHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorLifecyclePostStartHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. pub seconds: i64, } +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorLifecyclePostStartTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorLifecyclePreStop { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorLifecyclePreStopExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorLifecyclePreStopHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorLifecyclePreStopHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. pub seconds: i64, } +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorLifecyclePreStopTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// Liveness config for the OpenTelemetry Collector except the probe handler which is auto generated from the health extension of the collector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorLivenessProbe { + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// Defaults to 0 seconds. Minimum value is 0. + /// More info: https://kubernetes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// OpenTelemetryCollectorSpec defines the desired state of OpenTelemetryCollector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum OpenTelemetryCollectorManagementState { #[serde(rename = "managed")] @@ -1909,6 +3355,7 @@ pub enum OpenTelemetryCollectorManagementState { Unmanaged, } +/// OpenTelemetryCollectorSpec defines the desired state of OpenTelemetryCollector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum OpenTelemetryCollectorMode { #[serde(rename = "daemonset")] @@ -1921,524 +3368,969 @@ pub enum OpenTelemetryCollectorMode { Statefulset, } +/// ObservabilitySpec defines how telemetry data gets handled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorObservability { + /// Metrics defines the metrics configuration for operands. #[serde(default, skip_serializing_if = "Option::is_none")] pub metrics: Option, } +/// Metrics defines the metrics configuration for operands. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorObservabilityMetrics { + /// DisablePrometheusAnnotations controls the automatic addition of default Prometheus annotations + /// ('prometheus.io/scrape', 'prometheus.io/port', and 'prometheus.io/path') #[serde(default, skip_serializing_if = "Option::is_none", rename = "DisablePrometheusAnnotations")] pub disable_prometheus_annotations: Option, + /// EnableMetrics specifies if ServiceMonitor or PodMonitor(for sidecar mode) should be created for the service managed by the OpenTelemetry Operator. + /// The operator.observability. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableMetrics")] pub enable_metrics: Option, } +/// PodDisruptionBudget specifies the pod disruption budget configuration to use +/// for the OpenTelemetryCollector workload. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorPodDisruptionBudget { + /// An eviction is allowed if at most "maxUnavailable" pods selected by + /// "selector" are unavailable after the eviction, i.e. even in absence of + /// the evicted pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] pub max_unavailable: Option, + /// An eviction is allowed if at least "minAvailable" pods selected by + /// "selector" will still be available after the eviction, i.e. even in the + /// absence of the evicted pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minAvailable")] pub min_available: Option, } +/// PodSecurityContext configures the pod security context for the +/// opentelemetry-collector pod, when running as a deployment, daemonset, +/// or statefulset. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorPodSecurityContext { + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] pub fs_group_change_policy: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for th #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os. #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options within a container's SecurityContext will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorPodSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorPodSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. #[serde(rename = "type")] pub r#type: String, } +/// Sysctl defines a kernel parameter to be set #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorPodSecurityContextSysctls { + /// Name of a property to set pub name: String, + /// Value of a property to set pub value: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options within a container's SecurityContext will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorPodSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// ServicePort contains information on service's port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorPorts { + /// The application protocol for this port. + /// This is used as a hint for implementations to offer richer behavior for protocols that they understand. + /// This field follows standard Kubernetes label syntax. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appProtocol")] pub app_protocol: Option, + /// The name of this port within the service. This must be a DNS_LABEL. + /// All ports within a ServiceSpec must have unique names. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// The port on each node on which this service is exposed when type is + /// NodePort or LoadBalancer. Usually assigned by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePort")] pub node_port: Option, + /// The port that will be exposed by this service. pub port: i32, + /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". + /// Default is TCP. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, + /// Number or name of the port to access on the pods targeted by the service. + /// Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPort")] pub target_port: Option, } +/// Resources to set on the OpenTelemetry Collector pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } +/// SecurityContext configures the container security context for +/// the opentelemetry-collector container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorSecurityContext { + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorSecurityContextCapabilities { + /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, + /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. #[serde(rename = "type")] pub r#type: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// TargetAllocator indicates a value which determines whether to spawn a target allocation resource or not. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocator { + /// If specified, indicates the pod's scheduling constraints #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, + /// AllocationStrategy determines which strategy the target allocator should use for allocation. + /// The current options are least-weighted, consistent-hashing and per-node. The default is + /// consistent-hashing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocationStrategy")] pub allocation_strategy: Option, + /// Enabled indicates whether to use a target allocation mechanism for Prometheus targets or not. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, + /// ENV vars to set on the OpenTelemetry TargetAllocator's Pods. These can then in certain cases be + /// consumed in the config file for the TargetAllocator. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// FilterStrategy determines how to filter targets before allocating them among the collectors. + /// The only current option is relabel-config (drops targets based on prom relabel_config). #[serde(default, skip_serializing_if = "Option::is_none", rename = "filterStrategy")] pub filter_strategy: Option, + /// Image indicates the container image to use for the OpenTelemetry TargetAllocator. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// NodeSelector to schedule OpenTelemetry TargetAllocator pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, + /// ObservabilitySpec defines how telemetry data gets handled. #[serde(default, skip_serializing_if = "Option::is_none")] pub observability: Option, + /// PodDisruptionBudget specifies the pod disruption budget configuration to use + /// for the target allocator workload. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podDisruptionBudget")] pub pod_disruption_budget: Option, + /// PodSecurityContext configures the pod security context for the + /// targetallocator. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSecurityContext")] pub pod_security_context: Option, + /// PrometheusCR defines the configuration for the retrieval of PrometheusOperator CRDs ( servicemonitor.monitoring.coreos.com/v1 and podmonitor.monitoring.coreos.com/v1 ) retrieval. #[serde(default, skip_serializing_if = "Option::is_none", rename = "prometheusCR")] pub prometheus_cr: Option, + /// Replicas is the number of pod instances for the underlying TargetAllocator. This should only be set to a value + /// other than 1 if a strategy that allows for high availability is chosen. #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, + /// Resources to set on the OpenTelemetryTargetAllocator containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// SecurityContext configures the container security context for + /// the targetallocator. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// ServiceAccount indicates the name of an existing service account to use with this instance. When set, + /// the operator will not automatically create a ServiceAccount for the TargetAllocator. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, + /// Toleration embedded kubernetes pod configuration option, + /// controls how pods can be scheduled with matching taints #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, + /// TopologySpreadConstraints embedded kubernetes pod configuration option, + /// controls how pods are spread across your cluster among failure-domains + /// such as regions, zones, nodes, and other user-defined top #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologySpreadConstraints")] pub topology_spread_constraints: Option>, } +/// If specified, indicates the pod's scheduling constraints #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinity { + /// Describes node affinity scheduling rules for the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] pub pod_anti_affinity: Option, } +/// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. pub preference: OpenTelemetryCollectorTargetAllocatorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. pub weight: i32, } +/// A node selector term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] pub match_fields: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. #[serde(rename = "nodeSelectorTerms")] pub node_selector_terms: Vec, } +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] pub match_fields: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: OpenTelemetryCollectorTargetAllocatorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-locate #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: OpenTelemetryCollectorTargetAllocatorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-locate #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// TargetAllocator indicates a value which determines whether to spawn a target allocation resource or not. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum OpenTelemetryCollectorTargetAllocatorAllocationStrategy { #[serde(rename = "least-weighted")] @@ -2449,355 +4341,654 @@ pub enum OpenTelemetryCollectorTargetAllocatorAllocationStrategy { PerNode, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// ObservabilitySpec defines how telemetry data gets handled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorObservability { + /// Metrics defines the metrics configuration for operands. #[serde(default, skip_serializing_if = "Option::is_none")] pub metrics: Option, } +/// Metrics defines the metrics configuration for operands. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorObservabilityMetrics { + /// DisablePrometheusAnnotations controls the automatic addition of default Prometheus annotations + /// ('prometheus.io/scrape', 'prometheus.io/port', and 'prometheus.io/path') #[serde(default, skip_serializing_if = "Option::is_none", rename = "DisablePrometheusAnnotations")] pub disable_prometheus_annotations: Option, + /// EnableMetrics specifies if ServiceMonitor or PodMonitor(for sidecar mode) should be created for the service managed by the OpenTelemetry Operator. + /// The operator.observability. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableMetrics")] pub enable_metrics: Option, } +/// PodDisruptionBudget specifies the pod disruption budget configuration to use +/// for the target allocator workload. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorPodDisruptionBudget { + /// An eviction is allowed if at most "maxUnavailable" pods selected by + /// "selector" are unavailable after the eviction, i.e. even in absence of + /// the evicted pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] pub max_unavailable: Option, + /// An eviction is allowed if at least "minAvailable" pods selected by + /// "selector" will still be available after the eviction, i.e. even in the + /// absence of the evicted pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minAvailable")] pub min_available: Option, } +/// PodSecurityContext configures the pod security context for the +/// targetallocator. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorPodSecurityContext { + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] pub fs_group_change_policy: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for th #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os. #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options within a container's SecurityContext will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorPodSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorPodSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. #[serde(rename = "type")] pub r#type: String, } +/// Sysctl defines a kernel parameter to be set #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorPodSecurityContextSysctls { + /// Name of a property to set pub name: String, + /// Value of a property to set pub value: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options within a container's SecurityContext will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorPodSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// PrometheusCR defines the configuration for the retrieval of PrometheusOperator CRDs ( servicemonitor.monitoring.coreos.com/v1 and podmonitor.monitoring.coreos.com/v1 ) retrieval. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorPrometheusCr { + /// Enabled indicates whether to use a PrometheusOperator custom resources as targets or not. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, + /// PodMonitors to be selected for target discovery. + /// This is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a + /// PodMonitor's meta labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podMonitorSelector")] pub pod_monitor_selector: Option>, + /// Interval between consecutive scrapes. Equivalent to the same setting on the Prometheus CRD. + /// + /// + /// Default: "30s" #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeInterval")] pub scrape_interval: Option, + /// ServiceMonitors to be selected for target discovery. + /// This is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a + /// ServiceMonitor's meta labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceMonitorSelector")] pub service_monitor_selector: Option>, } +/// Resources to set on the OpenTelemetryTargetAllocator containers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } +/// SecurityContext configures the container security context for +/// the targetallocator. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorSecurityContext { + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorSecurityContextCapabilities { + /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, + /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. #[serde(rename = "type")] pub r#type: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } +/// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorTopologySpreadConstraints { + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, + /// MaxSkew describes the degree to which pods may be unevenly distributed. #[serde(rename = "maxSkew")] pub max_skew: i32, + /// MinDomains indicates a minimum number of eligible domains. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. #[serde(rename = "topologyKey")] pub topology_key: String, + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorTopologySpreadConstraintsLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorTopologySpreadConstraintsLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } +/// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTopologySpreadConstraints { + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, + /// MaxSkew describes the degree to which pods may be unevenly distributed. #[serde(rename = "maxSkew")] pub max_skew: i32, + /// MinDomains indicates a minimum number of eligible domains. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. #[serde(rename = "topologyKey")] pub topology_key: String, + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTopologySpreadConstraintsLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTopologySpreadConstraintsLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// UpdateStrategy represents the strategy the operator will take replacing existing DaemonSet pods with new pods +/// https://kubernetes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorUpdateStrategy { + /// Rolling update config params. Present only if type = "RollingUpdate". + /// --- + /// TODO: Update this to follow our convention for oneOf, whatever we decide it + /// to be. Same as Deployment `strategy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, + /// Type of daemon set update. Can be "RollingUpdate" or "OnDelete". Default is RollingUpdate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } +/// Rolling update config params. Present only if type = "RollingUpdate". +/// --- +/// TODO: Update this to follow our convention for oneOf, whatever we decide it +/// to be. Same as Deployment `strategy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorUpdateStrategyRollingUpdate { + /// The maximum number of nodes with an existing available DaemonSet pod that + /// can have an updated DaemonSet pod during during an update. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxSurge")] pub max_surge: Option, + /// The maximum number of DaemonSet pods that can be unavailable during the + /// update. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] pub max_unavailable: Option, } +/// OpenTelemetryCollectorSpec defines the desired state of OpenTelemetryCollector. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum OpenTelemetryCollectorUpgradeStrategy { #[serde(rename = "automatic")] @@ -2806,20 +4997,37 @@ pub enum OpenTelemetryCollectorUpgradeStrategy { None, } +/// PersistentVolumeClaim is a user's request for and claim to a persistent volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumeClaimTemplates { + /// APIVersion defines the versioned schema of this representation of an object. + /// Servers should convert recognized schemas to the latest internal value, and + /// may reject unrecognized values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Kind is a string value representing the REST resource this object represents. + /// Servers may infer this from the endpoint the client submits requests to. + /// Cannot be updated. + /// In CamelCase. #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, + /// Standard object's metadata. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, + /// spec defines the desired characteristics of a volume requested by a pod author. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, + /// status represents the current information/status of a persistent volume claim. + /// Read-only. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none")] pub status: Option, } +/// Standard object's metadata. +/// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumeClaimTemplatesMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2834,348 +5042,620 @@ pub struct OpenTelemetryCollectorVolumeClaimTemplatesMetadata { pub namespace: Option, } +/// spec defines the desired characteristics of a volume requested by a pod author. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumeClaimTemplatesSpec { + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, + /// resources represents the minimum resources the volume should have. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, + /// volumeName is the binding reference to the PersistentVolume backing this claim. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumeClaimTemplatesSpecDataSource { + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, + /// Kind is the type of resource being referenced pub kind: String, + /// Name is the name of resource being referenced pub name: String, } +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumeClaimTemplatesSpecDataSourceRef { + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, + /// Kind is the type of resource being referenced pub kind: String, + /// Name is the name of resource being referenced pub name: String, + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } +/// resources represents the minimum resources the volume should have. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumeClaimTemplatesSpecResources { + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumeClaimTemplatesSpecSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumeClaimTemplatesSpecSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// status represents the current information/status of a persistent volume claim. +/// Read-only. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumeClaimTemplatesStatus { + /// accessModes contains the actual access modes the volume backing the PVC has. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, + /// allocatedResourceStatuses stores status of resource being resized for the given PVC. + /// Key names follow standard Kubernetes label syntax. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocatedResourceStatuses")] pub allocated_resource_statuses: Option>, + /// allocatedResources tracks the resources allocated to a PVC including its capacity. + /// Key names follow standard Kubernetes label syntax. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocatedResources")] pub allocated_resources: Option>, + /// capacity represents the actual resources of the underlying volume. #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option>, + /// conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + /// resized then the Condition will be set to 'ResizeStarted'. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, + /// currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentVolumeAttributesClassName")] pub current_volume_attributes_class_name: Option, + /// ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + /// When this is unset, there is no ModifyVolume operation being attempted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "modifyVolumeStatus")] pub modify_volume_status: Option, + /// phase represents the current phase of PersistentVolumeClaim. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, } +/// ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. +/// When this is unset, there is no ModifyVolume operation being attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumeClaimTemplatesStatusModifyVolumeStatus { + /// status is the status of the ControllerModifyVolume operation. pub status: String, + /// targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetVolumeAttributesClassName")] pub target_volume_attributes_class_name: Option, } +/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumeMounts { + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, + /// This must match the Name of a Volume. pub name: String, + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, + /// Expanded path within the volume from which the container's volume should be mounted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } +/// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumes { + /// awsElasticBlockStore represents an AWS Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, + /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, + /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, + /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, + /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, + /// downwardAPI represents downward API about the pod that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, + /// emptyDir represents a temporary directory that shares a pod's lifetime. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, + /// ephemeral represents a volume that is handled by a cluster storage driver. #[serde(default, skip_serializing_if = "Option::is_none")] pub ephemeral: Option, + /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub fc: Option, + /// flexVolume represents a generic volume resource that is + /// provisioned/attached using an exec based plugin. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, + /// gcePersistentDisk represents a GCE Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, + /// gitRepo represents a git repository at a particular revision. + /// DEPRECATED: GitRepo is deprecated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, + /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, + /// hostPath represents a pre-existing file or directory on the host + /// machine that is directly exposed to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, + /// iscsi represents an ISCSI Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://examples.k8s.io/volumes/iscsi/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, + /// name of the volume. + /// Must be a DNS_LABEL and unique within the pod. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, + /// nfs represents an NFS mount on the host that shares a pod's lifetime + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none")] pub nfs: Option, + /// persistentVolumeClaimVolumeSource represents a reference to a + /// PersistentVolumeClaim in the same namespace. + /// More info: https://kubernetes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, + /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, + /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, + /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, + /// secret represents a secret that should populate this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, + /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } +/// awsElasticBlockStore represents an AWS Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesAwsElasticBlockStore { + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, + /// readOnly value true will force the readOnly setting in VolumeMounts. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(rename = "volumeID")] pub volume_id: String, } +/// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesAzureDisk { + /// cachingMode is the Host Caching mode: None, Read Only, Read Write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cachingMode")] pub caching_mode: Option, + /// diskName is the Name of the data disk in the blob storage #[serde(rename = "diskName")] pub disk_name: String, + /// diskURI is the URI of data disk in the blob storage #[serde(rename = "diskURI")] pub disk_uri: String, + /// fsType is Filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } +/// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesAzureFile { + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretName is the name of secret that contains Azure Storage Account Name and Key #[serde(rename = "secretName")] pub secret_name: String, + /// shareName is the azure share Name #[serde(rename = "shareName")] pub share_name: String, } +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesCephfs { + /// monitors is Required: Monitors is a collection of Ceph monitors + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it pub monitors: Vec, + /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] pub secret_file: Option, + /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// user is optional: User is the rados user name, default is admin + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. +/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesCephfsSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesCinder { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef is optional: points to a secret object containing parameters used to connect + /// to OpenStack. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// volumeID used to identify the volume in cinder. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(rename = "volumeID")] pub volume_id: String, } +/// secretRef is optional: points to a secret object containing parameters used to connect +/// to OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesCinderSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// configMap represents a configMap that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesConfigMap { + /// defaultMode is optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// optional specify whether the ConfigMap or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesConfigMapItems { + /// key is the key to project. pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesCsi { + /// driver is the name of the CSI driver that handles this volume. + /// Consult with your admin for the correct name as registered in the cluster. pub driver: String, + /// fsType to mount. Ex. "ext4", "xfs", "ntfs". + /// If not provided, the empty value is passed to the associated CSI driver + /// which will determine the default filesystem to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// nodePublishSecretRef is a reference to the secret object containing + /// sensitive information to pass to the CSI driver to complete the CSI + /// NodePublishVolume and NodeUnpublishVolume calls. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] pub node_publish_secret_ref: Option, + /// readOnly specifies a read-only configuration for the volume. + /// Defaults to false (read/write). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// volumeAttributes stores driver-specific properties that are passed to the CSI + /// driver. Consult your driver's documentation for supported values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] pub volume_attributes: Option>, } +/// nodePublishSecretRef is a reference to the secret object containing +/// sensitive information to pass to the CSI driver to complete the CSI +/// NodePublishVolume and NodeUnpublishVolume calls. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesCsiNodePublishSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// downwardAPI represents downward API about the pod that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesDownwardApi { + /// Optional: mode bits to use on created files by default. Must be a + /// Optional: mode bits used to set permissions on created files by default. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, + /// Items is a list of downward API volume file #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, } +/// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesDownwardApiItems { + /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } +/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesDownwardApiItemsFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesDownwardApiItemsResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// emptyDir represents a temporary directory that shares a pod's lifetime. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesEmptyDir { + /// medium represents what type of storage medium should back this directory. + /// The default is "" which means to use the node's default medium. + /// Must be an empty string (default) or Memory. #[serde(default, skip_serializing_if = "Option::is_none")] pub medium: Option, + /// sizeLimit is the total amount of local storage required for this EmptyDir volume. + /// The size limit is also applicable for memory medium. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } +/// ephemeral represents a volume that is handled by a cluster storage driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesEphemeral { + /// Will be used to create a stand-alone PVC to provision the volume. + /// The pod in which this EphemeralVolumeSource is embedded will be the + /// owner of the PVC, i.e. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, } +/// Will be used to create a stand-alone PVC to provision the volume. +/// The pod in which this EphemeralVolumeSource is embedded will be the +/// owner of the PVC, i.e. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesEphemeralVolumeClaimTemplate { + /// May contain labels and annotations that will be copied into the PVC + /// when creating it. No other fields are allowed and will be rejected during + /// validation. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, + /// The specification for the PersistentVolumeClaim. The entire content is + /// copied unchanged into the PVC that gets created from this + /// template. pub spec: OpenTelemetryCollectorVolumesEphemeralVolumeClaimTemplateSpec, } +/// May contain labels and annotations that will be copied into the PVC +/// when creating it. No other fields are allowed and will be rejected during +/// validation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesEphemeralVolumeClaimTemplateMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3190,479 +5670,876 @@ pub struct OpenTelemetryCollectorVolumesEphemeralVolumeClaimTemplateMetadata { pub namespace: Option, } +/// The specification for the PersistentVolumeClaim. The entire content is +/// copied unchanged into the PVC that gets created from this +/// template. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesEphemeralVolumeClaimTemplateSpec { + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, + /// resources represents the minimum resources the volume should have. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, + /// volumeName is the binding reference to the PersistentVolume backing this claim. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesEphemeralVolumeClaimTemplateSpecDataSource { + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, + /// Kind is the type of resource being referenced pub kind: String, + /// Name is the name of resource being referenced pub name: String, } +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, + /// Kind is the type of resource being referenced pub kind: String, + /// Name is the name of resource being referenced pub name: String, + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } +/// resources represents the minimum resources the volume should have. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesEphemeralVolumeClaimTemplateSpecResources { + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesEphemeralVolumeClaimTemplateSpecSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesFc { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// lun is Optional: FC target lun number #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// targetWWNs is Optional: FC target worldwide names (WWNs) #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] pub target_ww_ns: Option>, + /// wwids Optional: FC volume world wide identifiers (wwids) + /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. #[serde(default, skip_serializing_if = "Option::is_none")] pub wwids: Option>, } +/// flexVolume represents a generic volume resource that is +/// provisioned/attached using an exec based plugin. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesFlexVolume { + /// driver is the name of the driver to use for this volume. pub driver: String, + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// options is Optional: this field holds extra command options if any. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, + /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef is Optional: secretRef is reference to the secret object containing + /// sensitive information to pass to the plugin scripts. This may be + /// empty if no secret object is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// secretRef is Optional: secretRef is reference to the secret object containing +/// sensitive information to pass to the plugin scripts. This may be +/// empty if no secret object is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesFlexVolumeSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesFlocker { + /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + /// should be considered as deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] pub dataset_name: Option, + /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetUUID")] pub dataset_uuid: Option, } +/// gcePersistentDisk represents a GCE Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesGcePersistentDisk { + /// fsType is filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, + /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(rename = "pdName")] pub pd_name: String, + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } +/// gitRepo represents a git repository at a particular revision. +/// DEPRECATED: GitRepo is deprecated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesGitRepo { + /// directory is the target directory name. + /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + /// git repository. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, + /// repository is the URL pub repository: String, + /// revision is the commit hash for the specified revision. #[serde(default, skip_serializing_if = "Option::is_none")] pub revision: Option, } +/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesGlusterfs { + /// endpoints is the endpoint name that details Glusterfs topology. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub endpoints: String, + /// path is the Glusterfs volume path. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub path: String, + /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } +/// hostPath represents a pre-existing file or directory on the host +/// machine that is directly exposed to the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesHostPath { + /// path of the directory on the host. + /// If the path is a symlink, it will follow the link to the real path. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath pub path: String, + /// type for HostPath Volume + /// Defaults to "" + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } +/// iscsi represents an ISCSI Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://examples.k8s.io/volumes/iscsi/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesIscsi { + /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthDiscovery")] pub chap_auth_discovery: Option, + /// chapAuthSession defines whether support iSCSI Session CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] pub chap_auth_session: Option, + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// initiatorName is the custom iSCSI Initiator Name. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] pub initiator_name: Option, + /// iqn is the target iSCSI Qualified Name. pub iqn: String, + /// iscsiInterface is the interface Name that uses an iSCSI transport. + /// Defaults to 'default' (tcp). #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] pub iscsi_interface: Option, + /// lun represents iSCSI Target Lun number. pub lun: i32, + /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(default, skip_serializing_if = "Option::is_none")] pub portals: Option>, + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(rename = "targetPortal")] pub target_portal: String, } +/// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesIscsiSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// nfs represents an NFS mount on the host that shares a pod's lifetime +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesNfs { + /// path that is exported by the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub path: String, + /// readOnly here will force the NFS export to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// server is the hostname or IP address of the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub server: String, } +/// persistentVolumeClaimVolumeSource represents a reference to a +/// PersistentVolumeClaim in the same namespace. +/// More info: https://kubernetes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesPersistentVolumeClaim { + /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(rename = "claimName")] pub claim_name: String, + /// readOnly Will force the ReadOnly setting in VolumeMounts. + /// Default false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesPhotonPersistentDisk { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// pdID is the ID that identifies Photon Controller persistent disk #[serde(rename = "pdID")] pub pd_id: String, } +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesPortworxVolume { + /// fSType represents the filesystem type to mount + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// volumeID uniquely identifies a Portworx volume #[serde(rename = "volumeID")] pub volume_id: String, } +/// projected items for all in one resources secrets, configmaps, and downward API #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesProjected { + /// defaultMode are the mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, + /// sources is the list of volume projections #[serde(default, skip_serializing_if = "Option::is_none")] pub sources: Option>, } +/// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] pub cluster_trust_bundle: Option, + /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// downwardAPI information about the downwardAPI data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, + /// secret information about the secret data to project #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, + /// serviceAccountToken is information about the serviceAccountToken data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountToken")] pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, + /// Relative path from the volume root to write the bundle. pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] pub signer_name: Option, } +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesProjectedSourcesConfigMap { + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// optional specify whether the ConfigMap or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesProjectedSourcesConfigMapItems { + /// key is the key to project. pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } +/// downwardAPI information about the downwardAPI data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesProjectedSourcesDownwardApi { + /// Items is a list of DownwardAPIVolume file #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, } +/// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesProjectedSourcesDownwardApiItems { + /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } +/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesProjectedSourcesDownwardApiItemsFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesProjectedSourcesSecret { + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// optional field specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesProjectedSourcesSecretItems { + /// key is the key to project. pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } +/// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesProjectedSourcesServiceAccountToken { + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesQuobyte { + /// group to map volume access to + /// Default is no group #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, + /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// registry represents a single or multiple Quobyte Registry services + /// specified as a string as host:port pair (multiple entries are separated with commas) + /// which acts as the central registry for volumes pub registry: String, + /// tenant owning the given Quobyte volume in the Backend + /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin #[serde(default, skip_serializing_if = "Option::is_none")] pub tenant: Option, + /// user to map volume access to + /// Defaults to serivceaccount user #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, + /// volume is a string that references an already created Quobyte volume by name. pub volume: String, } +/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesRbd { + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// image is the rados image name. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub image: String, + /// keyring is the path to key ring for RBDUser. + /// Default is /etc/ceph/keyring. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub keyring: Option, + /// monitors is a collection of Ceph monitors. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub monitors: Vec, + /// pool is the rados pool name. + /// Default is rbd. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub pool: Option, + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef is name of the authentication secret for RBDUser. If provided + /// overrides keyring. + /// Default is nil. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// user is the rados user name. + /// Default is admin. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// secretRef is name of the authentication secret for RBDUser. If provided +/// overrides keyring. +/// Default is nil. +/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesRbdSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesScaleIo { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". + /// Default is "xfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// gateway is the host address of the ScaleIO API Gateway. pub gateway: String, + /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] pub protection_domain: Option, + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef references to the secret for ScaleIO user and other + /// sensitive information. If this is not provided, Login operation will fail. #[serde(rename = "secretRef")] pub secret_ref: OpenTelemetryCollectorVolumesScaleIoSecretRef, + /// sslEnabled Flag enable/disable SSL communication with Gateway, default false #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] pub ssl_enabled: Option, + /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + /// Default is ThinProvisioned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] pub storage_mode: Option, + /// storagePool is the ScaleIO Storage Pool associated with the protection domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePool")] pub storage_pool: Option, + /// system is the name of the storage system as configured in ScaleIO. pub system: String, + /// volumeName is the name of a volume already created in the ScaleIO system + /// that is associated with this volume source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } +/// secretRef references to the secret for ScaleIO user and other +/// sensitive information. If this is not provided, Login operation will fail. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesScaleIoSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// secret represents a secret that should populate this volume. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesSecret { + /// defaultMode is Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, + /// items If unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, + /// optional field specify whether the Secret or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, + /// secretName is the name of the secret in the pod's namespace to use. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } +/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesSecretItems { + /// key is the key to project. pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } +/// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesStorageos { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef specifies the secret to use for obtaining the StorageOS API + /// credentials. If not specified, default values will be attempted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// volumeName is the human-readable name of the StorageOS volume. Volume + /// names are only unique within a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, + /// volumeNamespace specifies the scope of the volume within StorageOS. If no + /// namespace is specified then the Pod's namespace will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] pub volume_namespace: Option, } +/// secretRef specifies the secret to use for obtaining the StorageOS API +/// credentials. If not specified, default values will be attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesStorageosSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorVolumesVsphereVolume { + /// fsType is filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyID")] pub storage_policy_id: Option, + /// storagePolicyName is the storage Policy Based Management (SPBM) profile name. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyName")] pub storage_policy_name: Option, + /// volumePath is the path that identifies vSphere volume vmdk #[serde(rename = "volumePath")] pub volume_path: String, } +/// OpenTelemetryCollectorStatus defines the observed state of OpenTelemetryCollector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorStatus { + /// Image indicates the container image to use for the OpenTelemetry Collector. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Messages about actions performed by the operator on this resource. + /// Deprecated: use Kubernetes events instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub messages: Option>, + /// Replicas is currently not being set and might be removed in the next version. + /// Deprecated: use "OpenTelemetryCollector.Status.Scale.Replicas" instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, + /// Scale is the OpenTelemetryCollector's scale subresource status. #[serde(default, skip_serializing_if = "Option::is_none")] pub scale: Option, + /// Version of the managed OpenTelemetry Collector (operand) #[serde(default, skip_serializing_if = "Option::is_none")] pub version: Option, } +/// Scale is the OpenTelemetryCollector's scale subresource status. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorStatusScale { + /// The total number non-terminated pods targeted by this + /// OpenTelemetryCollector's deployment or statefulSet. #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, + /// The selector used to match the OpenTelemetryCollector's + /// deployment or statefulSet pods. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, + /// StatusReplicas is the number of pods targeted by this OpenTelemetryCollector's with a Ready Condition / + /// Total number of non-terminated pods targeted by this OpenTelemetryCollector's (their labels matc #[serde(default, skip_serializing_if = "Option::is_none", rename = "statusReplicas")] pub status_replicas: Option, } diff --git a/kube-custom-resources-rs/src/pgv2_percona_com/v2/perconapgclusters.rs b/kube-custom-resources-rs/src/pgv2_percona_com/v2/perconapgclusters.rs index 8eea41960..4ff80984d 100644 --- a/kube-custom-resources-rs/src/pgv2_percona_com/v2/perconapgclusters.rs +++ b/kube-custom-resources-rs/src/pgv2_percona_com/v2/perconapgclusters.rs @@ -41,6 +41,9 @@ pub struct PerconaPGClusterSpec { pub image_pull_secrets: Option>, /// Specifies one or more sets of PostgreSQL pods that replicate data for this cluster. pub instances: Vec, + /// Metadata contains metadata for custom resources + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metadata: Option, /// Whether or not the PostgreSQL cluster is being deployed to an OpenShift environment. If the field is unset, the operator will automatically detect the environment. #[serde(default, skip_serializing_if = "Option::is_none")] pub openshift: Option, @@ -6129,6 +6132,15 @@ pub struct PerconaPGClusterInstancesWalVolumeClaimSpecSelectorMatchExpressions { pub values: Option>, } +/// Metadata contains metadata for custom resources +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct PerconaPGClusterMetadata { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, +} + #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct PerconaPGClusterPatroni { /// Patroni dynamic configuration settings. Changes to this value will be automatically reloaded without validation. Changes to certain PostgreSQL parameters cause PostgreSQL to restart. More info: https://patroni.readthedocs.io/en/latest/SETTINGS.html diff --git a/kube-custom-resources-rs/src/psmdb_percona_com/v1/perconaservermongodbbackups.rs b/kube-custom-resources-rs/src/psmdb_percona_com/v1/perconaservermongodbbackups.rs index f08099d12..6ab67f190 100644 --- a/kube-custom-resources-rs/src/psmdb_percona_com/v1/perconaservermongodbbackups.rs +++ b/kube-custom-resources-rs/src/psmdb_percona_com/v1/perconaservermongodbbackups.rs @@ -45,6 +45,8 @@ pub struct PerconaServerMongoDBBackupStatus { pub error: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastTransition")] pub last_transition: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "latestRestorableTime")] + pub latest_restorable_time: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "pbmName")] pub pbm_name: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "pbmPod")] diff --git a/kube-custom-resources-rs/src/psmdb_percona_com/v1/perconaservermongodbrestores.rs b/kube-custom-resources-rs/src/psmdb_percona_com/v1/perconaservermongodbrestores.rs index 999a17f9f..6cb7862ba 100644 --- a/kube-custom-resources-rs/src/psmdb_percona_com/v1/perconaservermongodbrestores.rs +++ b/kube-custom-resources-rs/src/psmdb_percona_com/v1/perconaservermongodbrestores.rs @@ -37,6 +37,8 @@ pub struct PerconaServerMongoDBRestoreBackupSource { pub error: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastTransition")] pub last_transition: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "latestRestorableTime")] + pub latest_restorable_time: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "pbmName")] pub pbm_name: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "pbmPod")] diff --git a/kube-custom-resources-rs/src/scheduling_volcano_sh/v1beta1/queues.rs b/kube-custom-resources-rs/src/scheduling_volcano_sh/v1beta1/queues.rs index 22c0924be..431c2b983 100644 --- a/kube-custom-resources-rs/src/scheduling_volcano_sh/v1beta1/queues.rs +++ b/kube-custom-resources-rs/src/scheduling_volcano_sh/v1beta1/queues.rs @@ -25,6 +25,9 @@ pub struct QueueSpec { /// Guarantee indicate configuration about resource reservation #[serde(default, skip_serializing_if = "Option::is_none")] pub guarantee: Option, + /// Parent define the parent of queue + #[serde(default, skip_serializing_if = "Option::is_none")] + pub parent: Option, /// Reclaimable indicate whether the queue can be reclaimed by other queue #[serde(default, skip_serializing_if = "Option::is_none")] pub reclaimable: Option, diff --git a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformendpoints.rs b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformendpoints.rs index 059992d80..a45f984ea 100644 --- a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformendpoints.rs +++ b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformendpoints.rs @@ -13,6 +13,8 @@ use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; #[kube(status = "PlatformEndpointStatus")] #[kube(schema = "disabled")] pub struct PlatformEndpointSpec { + /// Arbitrary user data to associate with the endpoint. Amazon SNS does not use + /// this data. The data must be in UTF-8 format and less than 2KB. #[serde(default, skip_serializing_if = "Option::is_none", rename = "customUserData")] pub custom_user_data: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -21,6 +23,12 @@ pub struct PlatformEndpointSpec { /// create a an endpoint. #[serde(rename = "platformApplicationARN")] pub platform_application_arn: String, + /// Unique identifier created by the notification service for an app on a device. + /// The specific name for Token will vary, depending on which notification service + /// is being used. For example, when using APNS as the notification service, + /// you need the device token. Alternatively, when using GCM (Firebase Cloud + /// Messaging) or ADM, the device token equivalent is called the registration + /// ID. pub token: String, } diff --git a/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/constraintpodstatuses.rs b/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/constraintpodstatuses.rs index 589ab9e94..14b9f9413 100644 --- a/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/constraintpodstatuses.rs +++ b/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/constraintpodstatuses.rs @@ -8,7 +8,9 @@ use serde::{Serialize, Deserialize}; /// ConstraintPodStatusStatus defines the observed state of ConstraintPodStatus. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ConstraintPodStatusStatus { - /// Storing the constraint UID allows us to detect drift, such as when a constraint has been recreated after its CRD was deleted out from under it, interrupting the watch + /// Storing the constraint UID allows us to detect drift, such as + /// when a constraint has been recreated after its CRD was deleted + /// out from under it, interrupting the watch #[serde(default, skip_serializing_if = "Option::is_none", rename = "constraintUID")] pub constraint_uid: Option, #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/constrainttemplatepodstatuses.rs b/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/constrainttemplatepodstatuses.rs index b5dacc904..89cf0478b 100644 --- a/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/constrainttemplatepodstatuses.rs +++ b/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/constrainttemplatepodstatuses.rs @@ -17,7 +17,9 @@ pub struct ConstraintTemplatePodStatusStatus { pub observed_generation: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub operations: Option>, - /// UID is a type that holds unique ID values, including UUIDs. Because we don't ONLY use UUIDs, this is an alias to string. Being a type captures intent and helps make sure that UIDs and names do not get conflated. + /// UID is a type that holds unique ID values, including UUIDs. Because we + /// don't ONLY use UUIDs, this is an alias to string. Being a type captures + /// intent and helps make sure that UIDs and names do not get conflated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "templateUID")] pub template_uid: Option, } diff --git a/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/expansiontemplatepodstatuses.rs b/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/expansiontemplatepodstatuses.rs index d7db6ff8d..927f24848 100644 --- a/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/expansiontemplatepodstatuses.rs +++ b/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/expansiontemplatepodstatuses.rs @@ -17,7 +17,9 @@ pub struct ExpansionTemplatePodStatusStatus { pub observed_generation: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub operations: Option>, - /// UID is a type that holds unique ID values, including UUIDs. Because we don't ONLY use UUIDs, this is an alias to string. Being a type captures intent and helps make sure that UIDs and names do not get conflated. + /// UID is a type that holds unique ID values, including UUIDs. Because we + /// don't ONLY use UUIDs, this is an alias to string. Being a type captures + /// intent and helps make sure that UIDs and names do not get conflated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "templateUID")] pub template_uid: Option, } diff --git a/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/mutatorpodstatuses.rs b/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/mutatorpodstatuses.rs index 96c350660..ca16ab558 100644 --- a/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/mutatorpodstatuses.rs +++ b/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/mutatorpodstatuses.rs @@ -14,7 +14,9 @@ pub struct MutatorPodStatusStatus { pub errors: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, - /// Storing the mutator UID allows us to detect drift, such as when a mutator has been recreated after its CRD was deleted out from under it, interrupting the watch + /// Storing the mutator UID allows us to detect drift, such as + /// when a mutator has been recreated after its CRD was deleted + /// out from under it, interrupting the watch #[serde(default, skip_serializing_if = "Option::is_none", rename = "mutatorUID")] pub mutator_uid: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] @@ -27,7 +29,8 @@ pub struct MutatorPodStatusStatus { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MutatorPodStatusStatusErrors { pub message: String, - /// Type indicates a specific class of error for use by controller code. If not present, the error should be treated as not matching any known type. + /// Type indicates a specific class of error for use by controller code. + /// If not present, the error should be treated as not matching any known type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } diff --git a/kube-custom-resources-rs/src/telemetry_istio_io/mod.rs b/kube-custom-resources-rs/src/telemetry_istio_io/mod.rs index 32a5a9d4f..21c0fbff9 100644 --- a/kube-custom-resources-rs/src/telemetry_istio_io/mod.rs +++ b/kube-custom-resources-rs/src/telemetry_istio_io/mod.rs @@ -1 +1,2 @@ +pub mod v1; pub mod v1alpha1; diff --git a/kube-custom-resources-rs/src/telemetry_istio_io/v1/mod.rs b/kube-custom-resources-rs/src/telemetry_istio_io/v1/mod.rs new file mode 100644 index 000000000..0f777758e --- /dev/null +++ b/kube-custom-resources-rs/src/telemetry_istio_io/v1/mod.rs @@ -0,0 +1 @@ +pub mod telemetries; diff --git a/kube-custom-resources-rs/src/telemetry_istio_io/v1/telemetries.rs b/kube-custom-resources-rs/src/telemetry_istio_io/v1/telemetries.rs new file mode 100644 index 000000000..21310f7ee --- /dev/null +++ b/kube-custom-resources-rs/src/telemetry_istio_io/v1/telemetries.rs @@ -0,0 +1,306 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/istio/istio/telemetry.istio.io/v1/telemetries.yaml --derive=Default --derive=PartialEq +// kopium version: 0.17.2 + +use kube::CustomResource; +use serde::{Serialize, Deserialize}; +use std::collections::BTreeMap; + +/// Telemetry configuration for workloads. See more details at: https://istio.io/docs/reference/config/telemetry.html +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[kube(group = "telemetry.istio.io", version = "v1", kind = "Telemetry", plural = "telemetries")] +#[kube(namespaced)] +#[kube(schema = "disabled")] +pub struct TelemetrySpec { + /// Optional. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessLogging")] + pub access_logging: Option>, + /// Optional. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option>, + /// Optional. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Optional. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetRef")] + pub target_ref: Option, + /// Optional. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tracing: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryAccessLogging { + /// Controls logging. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub disabled: Option, + /// Optional. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub filter: Option, + /// Allows tailoring of logging behavior to specific conditions. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] + pub r#match: Option, + /// Optional. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub providers: Option>, +} + +/// Optional. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryAccessLoggingFilter { + /// CEL expression for selecting when requests/connections should be logged. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, +} + +/// Allows tailoring of logging behavior to specific conditions. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryAccessLoggingMatch { + /// This determines whether or not to apply the access logging configuration based on the direction of traffic relative to the proxied workload. + /// + /// Valid Options: CLIENT_AND_SERVER, CLIENT, SERVER + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mode: Option, +} + +/// Allows tailoring of logging behavior to specific conditions. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum TelemetryAccessLoggingMatchMode { + #[serde(rename = "CLIENT_AND_SERVER")] + ClientAndServer, + #[serde(rename = "CLIENT")] + Client, + #[serde(rename = "SERVER")] + Server, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryAccessLoggingProviders { + /// Required. + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryMetrics { + /// Optional. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub overrides: Option>, + /// Optional. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub providers: Option>, + /// Optional. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reportingInterval")] + pub reporting_interval: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryMetricsOverrides { + /// Optional. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub disabled: Option, + /// Match allows providing the scope of the override. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] + pub r#match: Option, + /// Optional. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tagOverrides")] + pub tag_overrides: Option>, +} + +/// Match allows providing the scope of the override. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryMetricsOverridesMatch { + /// Allows free-form specification of a metric. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customMetric")] + pub custom_metric: Option, + /// One of the well-known [Istio Standard Metrics](https://istio.io/latest/docs/reference/config/metrics/). + /// + /// Valid Options: ALL_METRICS, REQUEST_COUNT, REQUEST_DURATION, REQUEST_SIZE, RESPONSE_SIZE, TCP_OPENED_CONNECTIONS, TCP_CLOSED_CONNECTIONS, TCP_SENT_BYTES, TCP_RECEIVED_BYTES, GRPC_REQUEST_MESSAGES, GRPC_RESPONSE_MESSAGES + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metric: Option, + /// Controls which mode of metrics generation is selected: `CLIENT`, `SERVER`, or `CLIENT_AND_SERVER`. + /// + /// Valid Options: CLIENT_AND_SERVER, CLIENT, SERVER + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mode: Option, +} + +/// Match allows providing the scope of the override. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum TelemetryMetricsOverridesMatchMetric { + #[serde(rename = "ALL_METRICS")] + AllMetrics, + #[serde(rename = "REQUEST_COUNT")] + RequestCount, + #[serde(rename = "REQUEST_DURATION")] + RequestDuration, + #[serde(rename = "REQUEST_SIZE")] + RequestSize, + #[serde(rename = "RESPONSE_SIZE")] + ResponseSize, + #[serde(rename = "TCP_OPENED_CONNECTIONS")] + TcpOpenedConnections, + #[serde(rename = "TCP_CLOSED_CONNECTIONS")] + TcpClosedConnections, + #[serde(rename = "TCP_SENT_BYTES")] + TcpSentBytes, + #[serde(rename = "TCP_RECEIVED_BYTES")] + TcpReceivedBytes, + #[serde(rename = "GRPC_REQUEST_MESSAGES")] + GrpcRequestMessages, + #[serde(rename = "GRPC_RESPONSE_MESSAGES")] + GrpcResponseMessages, +} + +/// Match allows providing the scope of the override. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum TelemetryMetricsOverridesMatchMode { + #[serde(rename = "CLIENT_AND_SERVER")] + ClientAndServer, + #[serde(rename = "CLIENT")] + Client, + #[serde(rename = "SERVER")] + Server, +} + +/// Optional. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryMetricsOverridesTagOverrides { + /// Operation controls whether or not to update/add a tag, or to remove it. + /// + /// Valid Options: UPSERT, REMOVE + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operation: Option, + /// Value is only considered if the operation is `UPSERT`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Optional. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum TelemetryMetricsOverridesTagOverridesOperation { + #[serde(rename = "UPSERT")] + Upsert, + #[serde(rename = "REMOVE")] + Remove, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryMetricsProviders { + /// Required. + pub name: String, +} + +/// Optional. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetrySelector { + /// One or more labels that indicate a specific set of pods/VMs on which a policy should be applied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// Optional. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryTargetRef { + /// group is the group of the target resource. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub group: Option, + /// kind is kind of the target resource. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// name is the name of the target resource. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// namespace is the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryTracing { + /// Optional. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customTags")] + pub custom_tags: Option>, + /// Controls span reporting. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableSpanReporting")] + pub disable_span_reporting: Option, + /// Allows tailoring of behavior to specific conditions. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] + pub r#match: Option, + /// Optional. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub providers: Option>, + /// Controls the rate at which traffic will be selected for tracing if no prior sampling decision has been made. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "randomSamplingPercentage")] + pub random_sampling_percentage: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "useRequestIdForTraceSampling")] + pub use_request_id_for_trace_sampling: Option, +} + +/// Optional. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryTracingCustomTags { + /// Environment adds the value of an environment variable to each span. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub environment: Option, + /// RequestHeader adds the value of an header from the request to each span. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub header: Option, + /// Literal adds the same, hard-coded value to each span. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub literal: Option, +} + +/// Environment adds the value of an environment variable to each span. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryTracingCustomTagsEnvironment { + /// Optional. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultValue")] + pub default_value: Option, + /// Name of the environment variable from which to extract the tag value. + pub name: String, +} + +/// RequestHeader adds the value of an header from the request to each span. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryTracingCustomTagsHeader { + /// Optional. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultValue")] + pub default_value: Option, + /// Name of the header from which to extract the tag value. + pub name: String, +} + +/// Literal adds the same, hard-coded value to each span. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryTracingCustomTagsLiteral { + /// The tag value to use. + pub value: String, +} + +/// Allows tailoring of behavior to specific conditions. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryTracingMatch { + /// This determines whether or not to apply the tracing configuration based on the direction of traffic relative to the proxied workload. + /// + /// Valid Options: CLIENT_AND_SERVER, CLIENT, SERVER + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mode: Option, +} + +/// Allows tailoring of behavior to specific conditions. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum TelemetryTracingMatchMode { + #[serde(rename = "CLIENT_AND_SERVER")] + ClientAndServer, + #[serde(rename = "CLIENT")] + Client, + #[serde(rename = "SERVER")] + Server, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TelemetryTracingProviders { + /// Required. + pub name: String, +} + From 26343c0d85fbb17dfa762a76f4117b3485d300ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20Ho=C3=9F?= Date: Fri, 5 Apr 2024 14:54:14 +0200 Subject: [PATCH 2/2] remove Default trait MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Sebastian Hoß --- .../v1beta1/configconstraints.args | 1 + .../v1beta1/configconstraints.rs | 40 +++++++++---------- 2 files changed, 21 insertions(+), 20 deletions(-) create mode 100644 crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1beta1/configconstraints.args diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1beta1/configconstraints.args b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1beta1/configconstraints.args new file mode 100644 index 000000000..7ab47510b --- /dev/null +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1beta1/configconstraints.args @@ -0,0 +1 @@ +--derive=PartialEq diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1beta1/configconstraints.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1beta1/configconstraints.rs index b2672a1c9..45d1aba35 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1beta1/configconstraints.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1beta1/configconstraints.rs @@ -1,5 +1,5 @@ // WARNING: generated by kopium - manual changes will be overwritten -// kopium command: kopium --docs --filename=./crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1beta1/configconstraints.yaml --derive=Default --derive=PartialEq +// kopium command: kopium --docs --filename=./crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1beta1/configconstraints.yaml --derive=PartialEq // kopium version: 0.17.2 use kube::CustomResource; @@ -9,7 +9,7 @@ use std::collections::HashMap; use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; /// ConfigConstraintSpec defines the desired state of ConfigConstraint -#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, PartialEq)] #[kube(group = "apps.kubeblocks.io", version = "v1beta1", kind = "ConfigConstraint", plural = "configconstraints")] #[kube(status = "ConfigConstraintStatus")] #[kube(schema = "disabled")] @@ -58,7 +58,7 @@ pub struct ConfigConstraintSpec { } /// List constraints rules for each config parameters. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintConfigSchema { /// Enables providers to verify user configurations using the CUE language. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -68,7 +68,7 @@ pub struct ConfigConstraintConfigSchema { pub schema_in_json: Option>, } -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintDownwardActions { /// The command used to execute for the downward API. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -83,7 +83,7 @@ pub struct ConfigConstraintDownwardActions { } /// DownwardAPIVolumeFile represents information to create the file containing the pod field -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintDownwardActionsItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] @@ -99,7 +99,7 @@ pub struct ConfigConstraintDownwardActionsItems { } /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintDownwardActionsItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] @@ -110,7 +110,7 @@ pub struct ConfigConstraintDownwardActionsItemsFieldRef { } /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintDownwardActionsItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] @@ -132,7 +132,7 @@ pub enum ConfigConstraintDynamicParameterSelectedPolicy { } /// Specifies the dynamic reload actions supported by the engine. If set, the controller call the scripts defined in the actions for a dynamic parameter upgrade. The actions are called only when the modified parameter is defined in dynamicParameters part && DynamicReloadAction != nil -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintDynamicReloadAction { /// Used to automatically perform the reload command when conditions are met. #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoTrigger")] @@ -149,7 +149,7 @@ pub struct ConfigConstraintDynamicReloadAction { } /// Used to automatically perform the reload command when conditions are met. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintDynamicReloadActionAutoTrigger { /// The name of the process. #[serde(default, skip_serializing_if = "Option::is_none", rename = "processName")] @@ -157,7 +157,7 @@ pub struct ConfigConstraintDynamicReloadActionAutoTrigger { } /// Used to perform the reload command in shell script. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintDynamicReloadActionShellTrigger { /// When `batchReload` is set to 'True', this parameter allows for the optional specification of the batch input format that is passed into the STDIN of the script. The format should be provided as a Go template string. In the template, the updated parameters' key-value map can be referenced using the dollar sign ('$') variable. Here's an example of an input template: /// ```yaml @@ -191,7 +191,7 @@ pub struct ConfigConstraintDynamicReloadActionShellTrigger { } /// Used to perform the reload command by Go template script. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintDynamicReloadActionTplScriptTrigger { /// Specifies the namespace where the referenced tpl script ConfigMap in. If left empty, by default in the "default" namespace. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -205,7 +205,7 @@ pub struct ConfigConstraintDynamicReloadActionTplScriptTrigger { } /// Used to trigger a reload by sending a Unix signal to the process. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintDynamicReloadActionUnixSignalTrigger { /// Represents the name of the process that the Unix signal sent to. #[serde(rename = "processName")] @@ -282,7 +282,7 @@ pub enum ConfigConstraintDynamicReloadActionUnixSignalTriggerSignal { } /// Used to match labels on the pod to do a dynamic reload -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintDynamicReloadSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] @@ -293,7 +293,7 @@ pub struct ConfigConstraintDynamicReloadSelector { } /// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintDynamicReloadSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, @@ -305,7 +305,7 @@ pub struct ConfigConstraintDynamicReloadSelectorMatchExpressions { } /// Describes the format of the config file. The controller works as follows: 1. Parse the config file 2. Get the modified parameters 3. Trigger the corresponding action -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintFormatterConfig { /// The config file format. Valid values are `ini`, `xml`, `yaml`, `json`, `hcl`, `dotenv`, `properties` and `toml`. Each format has its own characteristics and use cases. /// - ini: is a text-based content with a structure and syntax comprising key–value pairs for properties, reference wiki: https://en.wikipedia.org/wiki/INI_file - xml: refers to wiki: https://en.wikipedia.org/wiki/XML - yaml: supports for complex data types and structures. - json: refers to wiki: https://en.wikipedia.org/wiki/JSON - hcl: The HashiCorp Configuration Language (HCL) is a configuration language authored by HashiCorp, reference url: https://www.linode.com/docs/guides/introduction-to-hcl/ - dotenv: is a plain text file with simple key–value pairs, reference wiki: https://en.wikipedia.org/wiki/Configuration_file#MS-DOS - properties: a file extension mainly used in Java, reference wiki: https://en.wikipedia.org/wiki/.properties - toml: refers to wiki: https://en.wikipedia.org/wiki/TOML - props-plus: a file extension mainly used in Java, supports CamelCase(e.g: brokerMaxConnectionsPerIp) @@ -341,7 +341,7 @@ pub enum ConfigConstraintFormatterConfigFormat { } /// A pointer to an IniConfig struct that holds the ini options. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintFormatterConfigIniConfig { /// A string that describes the name of the ini section. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sectionName")] @@ -349,7 +349,7 @@ pub struct ConfigConstraintFormatterConfigIniConfig { } /// Tools used by the dynamic reload actions. Usually it is referenced by the 'init container' for 'cp' it to a binary volume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintReloadToolsImage { /// Represents the point where the scripts file will be mounted. #[serde(rename = "mountPoint")] @@ -359,7 +359,7 @@ pub struct ConfigConstraintReloadToolsImage { pub tool_configs: Option>, } -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintReloadToolsImageToolConfigs { /// Commands to be executed when init containers. pub command: Vec, @@ -371,7 +371,7 @@ pub struct ConfigConstraintReloadToolsImageToolConfigs { pub name: Option, } -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintScriptConfigs { /// Specifies the namespace where the referenced tpl script ConfigMap in. If left empty, by default in the "default" namespace. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -381,7 +381,7 @@ pub struct ConfigConstraintScriptConfigs { pub script_config_map_ref: String, } -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ConfigConstraintStatus { /// Provides descriptions for abnormal states. #[serde(default, skip_serializing_if = "Option::is_none")]